diff options
137 files changed, 4624 insertions, 1307 deletions
diff --git a/.tito/packages/openshift-ansible b/.tito/packages/openshift-ansible index 80563b79a..087da58c4 100644 --- a/.tito/packages/openshift-ansible +++ b/.tito/packages/openshift-ansible @@ -1 +1 @@ -3.0.55-1 ./ +3.0.65-1 ./ diff --git a/README_libvirt.md b/README_libvirt.md index 8b46252b3..5c72eb64f 100644 --- a/README_libvirt.md +++ b/README_libvirt.md @@ -10,7 +10,7 @@ This makes `libvirt` useful to develop, test and debug OpenShift and openshift-a Install dependencies -------------------- -1. Install [ansible](http://www.ansible.com/) +1. Install [ansible](http://www.ansible.com/) 2. Install [dnsmasq](http://www.thekelleys.org.uk/dnsmasq/doc.html) 3. Install [ebtables](http://ebtables.netfilter.org/) 4. Install [qemu and qemu-system-x86](http://wiki.qemu.org/Main_Page) @@ -121,6 +121,11 @@ The following options can be passed via the `-o` flag of the `create` command or * `image_name` (default to `CentOS-7-x86_64-GenericCloud.qcow2`): Name of the QCOW2 image to boot the VMs on * `image_compression` (default to `xz`): Source QCOW2 compression (only xz supported at this time) * `image_sha256` (default to `dd0f5e610e7c5ffacaca35ed7a78a19142a588f4543da77b61c1fb0d74400471`): Expected SHA256 checksum of the downloaded image +* `libvirt_storage_pool` (default to `openshift-ansible`): name of the libvirt storage pool for the VM images. It will be created if it does not exist +* `libvirt_storage_pool_path` (default to `$HOME/libvirt-storage-pool-openshift-ansible`): path to `libvirt_storage_pool`, i.e. where the VM images are stored +* `libvirt_network` (default to `openshift-ansible`): name of the libvirt network that the VMs will use. It will be created if it does not exist +* `libvirt_instance_memory_mib` (default to `1024`): memory of the VMs in MiB +* `libvirt_instance_vcpu` (default to `2`): number of vCPUs of the VMs * `skip_image_download` (default to `no`): Skip QCOW2 image download. This requires the `image_name` QCOW2 image to be already present in `$HOME/libvirt-storage-pool-openshift-ansible` Creating a cluster diff --git a/bin/openshift_ansible/awsutil.py b/bin/openshift_ansible/awsutil.py index eba11e851..11651f087 100644 --- a/bin/openshift_ansible/awsutil.py +++ b/bin/openshift_ansible/awsutil.py @@ -137,13 +137,13 @@ class AwsUtil(object): inst_by_env = {} for _, host in inv['_meta']['hostvars'].items(): # If you don't have an environment tag, we're going to ignore you - if 'ec2_tag_environment' not in host: + if 'oo_environment' not in host: continue - if host['ec2_tag_environment'] not in inst_by_env: - inst_by_env[host['ec2_tag_environment']] = {} - host_id = "%s:%s" % (host['ec2_tag_Name'], host['ec2_id']) - inst_by_env[host['ec2_tag_environment']][host_id] = host + if host['oo_environment'] not in inst_by_env: + inst_by_env[host['oo_environment']] = {} + host_id = "%s:%s" % (host['oo_name'], host['oo_id']) + inst_by_env[host['oo_environment']][host_id] = host return inst_by_env @@ -14,6 +14,8 @@ CONFIG_MAIN_SECTION = 'main' class Oscp(object): def __init__(self): + self.host = None + self.user = '' self.file_path = os.path.join(os.path.dirname(os.path.realpath(__file__))) # Default the config path to /etc @@ -56,8 +58,6 @@ class Oscp(object): def parse_cli_args(self): parser = argparse.ArgumentParser(description='OpenShift Online SSH Tool.') - parser.add_argument('-e', '--env', - action="store", help="Environment where this server exists.") parser.add_argument('-d', '--debug', default=False, action="store_true", help="debug mode") parser.add_argument('-v', '--verbose', default=False, @@ -82,8 +82,6 @@ class Oscp(object): def process_host(self): '''Determine host name and user name for SSH. ''' - self.user = '' - # is the first param passed a valid file? if os.path.isfile(self.args.src) or os.path.isdir(self.args.src): self.local_src = True @@ -108,76 +106,34 @@ class Oscp(object): self.host = search.groups()[0] self.path = search.groups()[1] - if self.args.env: - self.env = self.args.env - elif "." in self.host: - self.host, self.env = self.host.split(".") - else: - self.env = None - def get_hosts(self, refresh_cache=False): - '''Query our host inventory and return a dict where the format - equals: - - dict['environment'] = [{'servername' : {}}, ] - ''' + '''Query our host inventory and return a dict where the format ''' if refresh_cache: - self.host_inventory = self.aws.build_host_dict_by_env(['--refresh-cache']) + self.host_inventory = self.aws.get_inventory(['--refresh-cache'])['_meta']['hostvars'] else: - self.host_inventory = self.aws.build_host_dict_by_env() + self.host_inventory = self.aws.get_inventory()['_meta']['hostvars'] def select_host(self): '''select host attempts to match the host specified on the command line with a list of hosts. ''' - results = [] - for env in self.host_inventory.keys(): - for hostname, server_info in self.host_inventory[env].items(): - if hostname.split(':')[0] == self.host: - results.append((hostname, server_info)) - - # attempt to select the correct environment if specified - if self.env: - results = filter(lambda result: result[1]['oo_environment'] == self.env, results) - - if results: - return results + results = None + if self.host_inventory.has_key(self.host): + results = (self.host, self.host_inventory[self.host]) else: print "Could not find specified host: %s." % self.host # default - no results found. - return None + return results def list_hosts(self, limit=None): '''Function to print out the host inventory. Takes a single parameter to limit the number of hosts printed. ''' - - if self.env: - results = self.select_host() - if len(results) == 1: - hostname, server_info = results[0] - sorted_keys = server_info.keys() - sorted_keys.sort() - for key in sorted_keys: - print '{0:<35} {1}'.format(key, server_info[key]) - else: - for host_id, server_info in results[:limit]: - print '{oo_name:<35} {oo_clusterid:<10} {oo_environment:<8} ' \ - '{oo_id:<15} {oo_public_ip:<18} {oo_private_ip:<18}'.format(**server_info) - - if limit: - print - print 'Showing only the first %d results...' % limit - print - - else: - for env, host_ids in self.host_inventory.items(): - for host_id, server_info in host_ids.items(): - print '{oo_name:<35} {oo_clusterid:<10} {oo_environment:<8} ' \ - '{oo_id:<15} {oo_public_ip:<18} {oo_private_ip:<18}'.format(**server_info) - + for host_id, server_info in self.host_inventory.items(): + print '{oo_name:<35} {oo_clusterid:<10} {oo_environment:<8} ' \ + '{oo_id:<15} {oo_public_ip:<18} {oo_private_ip:<18}'.format(**server_info) def scp(self): '''scp files to or from a specified host @@ -203,17 +159,10 @@ class Oscp(object): if not results: return # early exit, no results - if len(results) > 1: - print "Multiple results found for %s." % self.host - for result in results: - print "{oo_name:<35} {oo_clusterid:<5} {oo_environment:<5} {oo_id:<10}".format(**result[1]) - return # early exit, too many results - # Assume we have one and only one. - hostname, server_info = results[0] - dns = server_info['oo_public_ip'] + server_info = results[1] - host_str = "%s%s%s" % (self.user, dns, self.path) + host_str = "%s%s%s" % (self.user, server_info['oo_public_ip'], self.path) if self.local_src: scp_args.append(self.args.src) @@ -14,6 +14,8 @@ CONFIG_MAIN_SECTION = 'main' class Ossh(object): def __init__(self): + self.user = None + self.host = None self.file_path = os.path.join(os.path.dirname(os.path.realpath(__file__))) # Default the config path to /etc @@ -54,8 +56,6 @@ class Ossh(object): def parse_cli_args(self): parser = argparse.ArgumentParser(description='OpenShift Online SSH Tool.') - parser.add_argument('-e', '--env', action="store", - help="Which environment to search for the host ") parser.add_argument('-d', '--debug', default=False, action="store_true", help="debug mode") parser.add_argument('-v', '--verbose', default=False, @@ -83,91 +83,48 @@ class Ossh(object): def process_host(self): '''Determine host name and user name for SSH. ''' - self.env = None - self.user = None - - re_env = re.compile("\.(" + "|".join(self.host_inventory.keys()) + ")") - search = re_env.search(self.args.host) - if self.args.env: - self.env = self.args.env - elif search: - # take the first? - self.env = search.groups()[0] - # remove env from hostname command line arg if found - if search: - self.args.host = re_env.split(self.args.host)[0] + parts = self.args.host.split('@') # parse username if passed - if '@' in self.args.host: - self.user, self.host = self.args.host.split('@') + if len(parts) > 1: + self.user = parts[0] + self.host = parts[1] else: - self.host = self.args.host + self.host = parts[0] + if self.args.login_name: self.user = self.args.login_name - def get_hosts(self, refresh_cache=False): - '''Query our host inventory and return a dict where the format - equals: - dict['servername'] = dns_name - ''' + def get_hosts(self, refresh_cache=False): + '''Query our host inventory and return a dict where the format ''' if refresh_cache: - self.host_inventory = self.aws.build_host_dict_by_env(['--refresh-cache']) + self.host_inventory = self.aws.get_inventory(['--refresh-cache'])['_meta']['hostvars'] else: - self.host_inventory = self.aws.build_host_dict_by_env() + self.host_inventory = self.aws.get_inventory()['_meta']['hostvars'] def select_host(self): '''select host attempts to match the host specified on the command line with a list of hosts. ''' - results = [] - for env in self.host_inventory.keys(): - for hostname, server_info in self.host_inventory[env].items(): - if hostname.split(':')[0] == self.host: - results.append((hostname, server_info)) - - # attempt to select the correct environment if specified - if self.env: - results = filter(lambda result: result[1]['oo_environment'] == self.env, results) - - if results: - return results + results = None + if self.host_inventory.has_key(self.host): + results = (self.host, self.host_inventory[self.host]) else: print "Could not find specified host: %s." % self.host # default - no results found. - return None + return results def list_hosts(self, limit=None): '''Function to print out the host inventory. Takes a single parameter to limit the number of hosts printed. ''' - - if self.env: - results = self.select_host() - if len(results) == 1: - hostname, server_info = results[0] - sorted_keys = server_info.keys() - sorted_keys.sort() - for key in sorted_keys: - print '{0:<35} {1}'.format(key, server_info[key]) - else: - for host_id, server_info in results[:limit]: - print '{oo_name:<35} {oo_clusterid:<10} {oo_environment:<8} ' \ - '{oo_id:<15} {oo_public_ip:<18} {oo_private_ip:<18}'.format(**server_info) - - if limit: - print - print 'Showing only the first %d results...' % limit - print - - else: - for env, host_ids in self.host_inventory.items(): - for host_id, server_info in host_ids.items(): - print '{oo_name:<35} {oo_clusterid:<10} {oo_environment:<8} ' \ - '{oo_id:<15} {oo_public_ip:<18} {oo_private_ip:<18}'.format(**server_info) + for host_id, server_info in self.host_inventory.items(): + print '{oo_name:<35} {oo_clusterid:<10} {oo_environment:<8} ' \ + '{oo_id:<15} {oo_public_ip:<18} {oo_private_ip:<18}'.format(**server_info) def ssh(self): '''SSH to a specified host @@ -193,17 +150,10 @@ class Ossh(object): if not results: return # early exit, no results - if len(results) > 1: - print "Multiple results found for %s." % self.host - for result in results: - print "{oo_name:<35} {oo_clusterid:<5} {oo_environment:<5} {oo_id:<10}".format(**result[1]) - return # early exit, too many results - # Assume we have one and only one. - _, server_info = results[0] - dns = server_info['oo_public_ip'] + server_info = results[1] - ssh_args.append(dns) + ssh_args.append(server_info['oo_public_ip']) #last argument if self.args.command: diff --git a/bin/ossh_bash_completion b/bin/ossh_bash_completion index 77b770a43..dcbde3e51 100755 --- a/bin/ossh_bash_completion +++ b/bin/ossh_bash_completion @@ -1,12 +1,12 @@ __ossh_known_hosts(){ if python -c 'import openshift_ansible' &>/dev/null; then - /usr/bin/python -c 'from openshift_ansible import multi_inventory; m=multi_inventory.MultiInventory(); m.run(); z=m.result; print "\n".join(["%s.%s" % (host["oo_name"],host["oo_environment"]) for dns, host in z["_meta"]["hostvars"].items() if all(k in host for k in ("oo_name", "oo_environment"))])' + /usr/bin/python -c 'from openshift_ansible import multi_inventory; m=multi_inventory.MultiInventory(); m.run(); z=m.result; print "\n".join([name for name in z["_meta"]["hostvars"].keys()])' elif [[ -f /dev/shm/.ansible/tmp/multi_inventory.cache ]]; then - /usr/bin/python -c 'import json; loc="/dev/shm/.ansible/tmp/multi_inventory.cache"; z=json.loads(open(loc).read()); print "\n".join(["%s.%s" % (host["oo_name"],host["oo_environment"]) for dns, host in z["_meta"]["hostvars"].items() if all(k in host for k in ("oo_name", "oo_environment"))])' + /usr/bin/python -c 'import json; loc="/dev/shm/.ansible/tmp/multi_inventory.cache"; z=json.loads(open(loc).read()); print "\n".join([name for name in z["_meta"]["hostvars"].keys()])' elif [[ -f ~/.ansible/tmp/multi_inventory.cache ]]; then - /usr/bin/python -c 'import json,os; loc="%s" % os.path.expanduser("~/.ansible/tmp/multi_inventory.cache"); z=json.loads(open(loc).read()); print "\n".join(["%s.%s" % (host["oo_name"],host["oo_environment"]) for dns, host in z["_meta"]["hostvars"].items() if all(k in host for k in ("oo_name", "oo_environment"))])' + /usr/bin/python -c 'import json,os; loc="%s" % os.path.expanduser("~/.ansible/tmp/multi_inventory.cache"); z=json.loads(open(loc).read()); print "\n".join([name for name in z["_meta"]["hostvars"].keys()])' fi } diff --git a/bin/ossh_zsh_completion b/bin/ossh_zsh_completion index 170ca889b..94ea61dab 100644 --- a/bin/ossh_zsh_completion +++ b/bin/ossh_zsh_completion @@ -2,13 +2,13 @@ _ossh_known_hosts(){ if python -c 'import openshift_ansible' &>/dev/null; then - print $(/usr/bin/python -c 'from openshift_ansible import multi_inventory; m=multi_inventory.MultiInventory(); m.run(); z=m.result; print "\n".join(["%s.%s" % (host["oo_name"],host["oo_environment"]) for dns, host in z["_meta"]["hostvars"].items() if all(k in host for k in ("oo_name", "oo_environment"))])') + print $(/usr/bin/python -c 'from openshift_ansible import multi_inventory; m=multi_inventory.MultiInventory(); m.run(); z=m.result; print "\n".join([name for name in z["_meta"]["hostvars"].keys()])') elif [[ -f /dev/shm/.ansible/tmp/multi_inventory.cache ]]; then - print $(/usr/bin/python -c 'import json; loc="/dev/shm/.ansible/tmp/multi_inventory.cache"; z=json.loads(open(loc).read()); print "\n".join(["%s.%s" % (host["oo_name"],host["oo_environment"]) for dns, host in z["_meta"]["hostvars"].items() if all(k in host for k in ("oo_name", "oo_environment"))])') + print $(/usr/bin/python -c 'import json; loc="/dev/shm/.ansible/tmp/multi_inventory.cache"; z=json.loads(open(loc).read()); print "\n".join([name for name in z["_meta"]["hostvars"].keys() ])') elif [[ -f ~/.ansible/tmp/multi_inventory.cache ]]; then - print $(/usr/bin/python -c 'import json,os; loc="%s" % os.path.expanduser("~/.ansible/tmp/multi_inventory.cache"); z=json.loads(open(loc).read()); print "\n".join(["%s.%s" % (host["oo_name"],host["oo_environment"]) for dns, host in z["_meta"]["hostvars"].items() if all(k in host for k in ("oo_name", "oo_environment"))])') + print $(/usr/bin/python -c 'import json,os; loc="%s" % os.path.expanduser("~/.ansible/tmp/multi_inventory.cache"); z=json.loads(open(loc).read()); print "\n".join([name for name in z["_meta"]["hostvars"].keys() ])') fi diff --git a/inventory/byo/hosts.aep.example b/inventory/byo/hosts.aep.example index 637f13be6..deeea2e40 100644 --- a/inventory/byo/hosts.aep.example +++ b/inventory/byo/hosts.aep.example @@ -62,18 +62,20 @@ deployment_type=atomic-enterprise # Add additional, insecure, and blocked registries to global docker configuration # For enterprise deployment types we ensure that registry.access.redhat.com is # included if you do not include it -#cli_docker_additional_registries=registry.example.com -#cli_docker_insecure_registries=registry.example.com -#cli_docker_blocked_registries=registry.hacker.com +#openshift_docker_additional_registries=registry.example.com +#openshift_docker_insecure_registries=registry.example.com +#openshift_docker_blocked_registries=registry.hacker.com +# Disable pushing to dockerhub +#openshift_docker_disable_push_dockerhub=True # Items added, as is, to end of /etc/sysconfig/docker OPTIONS #openshift_docker_options="-l warn --ipv6=false" # Deprecated methods to set --log-driver and --log-opts flags, use openshift_docker_options instead -#cli_docker_log_driver=json -#cli_docker_log_options="tag=mailer" +#openshift_docker_log_driver=json +#openshift_docker_log_options="tag=mailer" # Alternate image format string. If you're not modifying the format string and # only need to inject your own registry you may want to consider -# cli_docker_additional_registries instead +# openshift_docker_additional_registries instead #oreg_url=example.com/aep3/aep-${component}:${version} # Additional yum repos to install diff --git a/inventory/byo/hosts.origin.example b/inventory/byo/hosts.origin.example index c30f65f9f..8963c2ad6 100644 --- a/inventory/byo/hosts.origin.example +++ b/inventory/byo/hosts.origin.example @@ -63,18 +63,20 @@ deployment_type=origin # Add additional, insecure, and blocked registries to global docker configuration # For enterprise deployment types we ensure that registry.access.redhat.com is # included if you do not include it -#cli_docker_additional_registries=registry.example.com -#cli_docker_insecure_registries=registry.example.com -#cli_docker_blocked_registries=registry.hacker.com +#openshift_docker_additional_registries=registry.example.com +#openshift_docker_insecure_registries=registry.example.com +#openshift_docker_blocked_registries=registry.hacker.com +# Disable pushing to dockerhub +#openshift_docker_disable_push_dockerhub=True # Items added, as is, to end of /etc/sysconfig/docker OPTIONS #openshift_docker_options="-l warn --ipv6=false" # Deprecated methods to set --log-driver and --log-opts flags, use openshift_docker_options instead -#cli_docker_log_driver=json -#cli_docker_log_options="tag=mailer" +#openshift_docker_log_driver=json +#openshift_docker_log_options="tag=mailer" # Alternate image format string. If you're not modifying the format string and # only need to inject your own registry you may want to consider -# cli_docker_additional_registries instead +# openshift_docker_additional_registries instead #oreg_url=example.com/openshift3/ose-${component}:${version} # Origin copr repo diff --git a/inventory/byo/hosts.ose.example b/inventory/byo/hosts.ose.example index b51569e68..b931a684d 100644 --- a/inventory/byo/hosts.ose.example +++ b/inventory/byo/hosts.ose.example @@ -62,19 +62,21 @@ deployment_type=openshift-enterprise # Add additional, insecure, and blocked registries to global docker configuration # For enterprise deployment types we ensure that registry.access.redhat.com is # included if you do not include it -#cli_docker_additional_registries=registry.example.com -#cli_docker_insecure_registries=registry.example.com -#cli_docker_blocked_registries=registry.hacker.com +#openshift_docker_additional_registries=registry.example.com +#openshift_docker_insecure_registries=registry.example.com +#openshift_docker_blocked_registries=registry.hacker.com +# Disable pushing to dockerhub +#openshift_docker_disable_push_dockerhub=True # Items added, as is, to end of /etc/sysconfig/docker OPTIONS #openshift_docker_options="-l warn --ipv6=false" # Deprecated methods to set --log-driver and --log-opts flags, use openshift_docker_options instead -#cli_docker_log_driver=json -#cli_docker_log_options="tag=mailer" +#openshift_docker_log_driver=json +#openshift_docker_log_options="tag=mailer" # Alternate image format string. If you're not modifying the format string and # only need to inject your own registry you may want to consider -# cli_docker_additional_registries instead +# openshift_docker_additional_registries instead #oreg_url=example.com/openshift3/ose-${component}:${version} # Additional yum repos to install diff --git a/inventory/multi_inventory.py b/inventory/multi_inventory.py index 20fc48aa9..be597267e 100755 --- a/inventory/multi_inventory.py +++ b/inventory/multi_inventory.py @@ -25,6 +25,9 @@ class MultiInventoryException(Exception): '''Exceptions for MultiInventory class''' pass +# pylint: disable=too-many-public-methods +# After a refactor of too-many-branches and placing those branches into +# their own corresponding function, we have passed the allowed amount of functions(20). class MultiInventory(object): ''' MultiInventory class: @@ -282,35 +285,75 @@ class MultiInventory(object): else: return data.get(keys, None) - def apply_account_config(self, acc_config): - ''' Apply account config settings - ''' - results = self.all_inventory_results[acc_config['name']] - results['all_hosts'] = results['_meta']['hostvars'].keys() - + def apply_extra_vars(self, inventory, extra_vars): + ''' Apply the account config extra vars ''' # Extra vars go here - for new_var, value in acc_config.get('extra_vars', {}).items(): - for data in results['_meta']['hostvars'].values(): + for new_var, value in extra_vars.items(): + for data in inventory.values(): self.add_entry(data, new_var, value) + def apply_clone_vars(self, inventory, clone_vars): + ''' Apply the account config clone vars ''' # Clone vars go here - for to_name, from_name in acc_config.get('clone_vars', {}).items(): - for data in results['_meta']['hostvars'].values(): + for to_name, from_name in clone_vars.items(): + for data in inventory.values(): self.add_entry(data, to_name, self.get_entry(data, from_name)) - # Extra groups go here - for new_var, value in acc_config.get('extra_groups', {}).items(): - for data in results['_meta']['hostvars'].values(): - results["%s_%s" % (new_var, value)] = copy.copy(results['all_hosts']) - - # Clone groups go here - # Build a group based on the desired key name - for to_name, from_name in acc_config.get('clone_groups', {}).items(): - for name, data in results['_meta']['hostvars'].items(): + def apply_extra_groups(self, inventory, extra_groups): + ''' Apply the account config for extra groups ''' + _ = self # Here for pylint. wanted an instance method instead of static + for new_var, value in extra_groups.items(): + for _ in inventory['_meta']['hostvars'].values(): + inventory["%s_%s" % (new_var, value)] = copy.copy(inventory['all_hosts']) + + def apply_clone_groups(self, inventory, clone_groups): + ''' Apply the account config for clone groups ''' + for to_name, from_name in clone_groups.items(): + for name, data in inventory['_meta']['hostvars'].items(): key = '%s_%s' % (to_name, self.get_entry(data, from_name)) - if not results.has_key(key): - results[key] = [] - results[key].append(name) + if not inventory.has_key(key): + inventory[key] = [] + inventory[key].append(name) + + def apply_group_selectors(self, inventory, group_selectors): + ''' Apply the account config for group selectors ''' + _ = self # Here for pylint. wanted an instance method instead of static + # There could be multiple clusters per account. We need to process these selectors + # based upon the oo_clusterid_ variable. + clusterids = [group for group in inventory if "oo_clusterid_" in group] + + for clusterid in clusterids: + for selector in group_selectors: + if inventory.has_key(selector['from_group']): + hosts = list(set(inventory[clusterid]) & set(inventory[selector['from_group']])) + hosts.sort() + + # Multiple clusters in an account + if inventory.has_key(selector['name']): + inventory[selector['name']].extend(hosts[0:selector['count']]) + else: + inventory[selector['name']] = hosts[0:selector['count']] + + for host in hosts: + if host in inventory[selector['name']]: + inventory['_meta']['hostvars'][host][selector['name']] = True + else: + inventory['_meta']['hostvars'][host][selector['name']] = False + + def apply_account_config(self, acc_config): + ''' Apply account config settings ''' + results = self.all_inventory_results[acc_config['name']] + results['all_hosts'] = results['_meta']['hostvars'].keys() + + self.apply_extra_vars(results['_meta']['hostvars'], acc_config.get('extra_vars', {})) + + self.apply_clone_vars(results['_meta']['hostvars'], acc_config.get('clone_vars', {})) + + self.apply_extra_groups(results, acc_config.get('extra_groups', {})) + + self.apply_clone_groups(results, acc_config.get('clone_groups', {})) + + self.apply_group_selectors(results, acc_config.get('group_selectors', {})) # store the results back into all_inventory_results self.all_inventory_results[acc_config['name']] = results diff --git a/openshift-ansible.spec b/openshift-ansible.spec index 4beeed3dd..fa9940225 100644 --- a/openshift-ansible.spec +++ b/openshift-ansible.spec @@ -5,7 +5,7 @@ } Name: openshift-ansible -Version: 3.0.55 +Version: 3.0.65 Release: 1%{?dist} Summary: Openshift and Atomic Enterprise Ansible License: ASL 2.0 @@ -279,6 +279,89 @@ Atomic OpenShift Utilities includes %changelog +* Thu Mar 24 2016 Troy Dawson <tdawson@redhat.com> 3.0.65-1 +- Adding deployment config and refactored. (kwoodson@redhat.com) +- ManageIQ SA: Adding image-puller role (efreiber@redhat.com) + +* Wed Mar 23 2016 Troy Dawson <tdawson@redhat.com> 3.0.64-1 +- Latest cli updates from generated files (kwoodson@redhat.com) +- Add /dev to node containers (sdodson@redhat.com) +- Fix indention (whearn@redhat.com) +- Support setting local storage perFSGroup quota in node config. + (dgoodwin@redhat.com) +- Fix line break (whearn@redhat.com) +- Lock down permissions on named certificates (elyscape@gmail.com) +- Add namespace flag to oc create (whearn@redhat.com) + +* Mon Mar 21 2016 Kenny Woodson <kwoodson@redhat.com> 3.0.63-1 +- Modified group selectors for muliple clusters per account + (kwoodson@redhat.com) + +* Fri Mar 18 2016 Troy Dawson <tdawson@redhat.com> 3.0.62-1 +- Yaml editor first attempt (kwoodson@redhat.com) +- libvirt cluster variables cleanup (pep@redhat.com) + +* Thu Mar 17 2016 Troy Dawson <tdawson@redhat.com> 3.0.61-1 +- Bug 1317755 - Set insecure-registry for internal registry by default + (jdetiber@redhat.com) + +* Wed Mar 16 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.60-1 +- Fall back to deployment_type in openshift_facts. (abutcher@redhat.com) +- Fixing undefined variable check (kwoodson@redhat.com) +- Fix path to cacert on /healthz/ready check (sdodson@redhat.com) +- Load environment files in containerized installs (sdodson@redhat.com) +- change type to value_type (zhizhang@zhizhang-laptop-nay.redhat.com) +- change time from int to float (zhizhang@zhizhang-laptop-nay.redhat.com) +- change the check time from 1 hour to 2 hour (zhizhang@zhizhang-laptop- + nay.redhat.com) +- add item of time cost a app build and app create (zhizhang@zhizhang-laptop- + nay.redhat.com) +- add trigger for app creation with build process (zhizhang@zhizhang-laptop- + nay.redhat.com) +- add key of openshift.master.app.build.create (zhizhang@zhizhang-laptop- + nay.redhat.com) + +* Wed Mar 16 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.59-1 +- Only mask etcd service for containerized installls when it's installed + (sdodson@redhat.com) +- Provide cacert when performing health checks (abutcher@redhat.com) + +* Tue Mar 15 2016 Kenny Woodson <kwoodson@redhat.com> 3.0.58-1 +- Group selector feature added (kwoodson@redhat.com) +- nfs: replace yum with dnf (efreiber@redhat.com) +- Move common common facts to openshift_facts (jdetiber@redhat.com) +- perform oc client config tasks only once when ansible_ssh_user is root + (jdetiber@redhat.com) +- OSE/Origin < 3.2/1.2 should not get Docker 1.9 (sdodson@redhat.com) + +* Mon Mar 14 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.57-1 +- Docker stderr can break this script if ansible executes it remotely + (bleanhar@redhat.com) +- Handle HA master case (bleanhar@redhat.com) +- Bug 1315564 - Containerized installs require a running environment + (bleanhar@redhat.com) +- Updating the docker registry variables to use the new name + (bleanhar@redhat.com) +- Bug 1316761 - Skip the available version check if openshift_image_tag is + defined. (bleanhar@redhat.com) +- Ansible module to manage secrets for openshift api (kwoodson@redhat.com) + +* Mon Mar 14 2016 Kenny Woodson <kwoodson@redhat.com> 3.0.56-1 +- Updating our metadata tooling to work without env (kwoodson@redhat.com) +- improve ordering of systemd units (jdetiber@redhat.com) +- Docker role refactor (jdetiber@redhat.com) +- Ensure is_containerized is cast as bool. (abutcher@redhat.com) +- Sync latest to v1.2 (sdodson@redhat.com) +- Sync with latest image stream and templates (sdodson@redhat.com) +- Allow origin version to be passed in as an argument (sdodson@redhat.com) +- Add support for Openstack integration (sbaubeau@redhat.com) +- Expose log level on the monitor (abhat@nuagenetworks.net) +- openshift_facts: Safe cast additional bools (smunilla@redhat.com) +- openshift-ansible: Wrap boolean facts (smunilla@redhat.com) +- fixed copr releasers file (twiest@redhat.com) +- Libvirt provider fixes (jdetiber@redhat.com) +- Support log level configuration for plugin (abhat@nuagenetworks.net) + * Wed Mar 09 2016 Brenton Leanhardt <bleanhar@redhat.com> 3.0.55-1 - Bug 1315564 - upgrade to ose3.2 failed on Atomic Hosts (bleanhar@redhat.com) - Bug 1315563 - Upgrade failed to containerized install OSE 3.1 on RHEL diff --git a/playbooks/adhoc/openshift_hosted_logging_efk.yaml b/playbooks/adhoc/openshift_hosted_logging_efk.yaml new file mode 100644 index 000000000..a3121d046 --- /dev/null +++ b/playbooks/adhoc/openshift_hosted_logging_efk.yaml @@ -0,0 +1,6 @@ +--- +- hosts: masters[0] + roles: + - role: openshift_hosted_logging + openshift_hosted_logging_cleanup: no + diff --git a/playbooks/byo/openshift-cluster/cluster_hosts.yml b/playbooks/byo/openshift-cluster/cluster_hosts.yml index 8893db245..658204c17 100644 --- a/playbooks/byo/openshift-cluster/cluster_hosts.yml +++ b/playbooks/byo/openshift-cluster/cluster_hosts.yml @@ -14,4 +14,6 @@ g_new_node_hosts: "{{ groups.new_nodes | default([]) }}" g_nfs_hosts: "{{ groups.nfs | default([]) }}" g_all_hosts: "{{ g_master_hosts | union(g_node_hosts) | union(g_etcd_hosts) - | union(g_lb_hosts) | default([]) }}" + | union(g_lb_hosts) | union(g_nfs_hosts) + | union(g_new_node_hosts)| union(g_new_master_hosts) + | default([]) }}" diff --git a/playbooks/common/openshift-cluster/config.yml b/playbooks/common/openshift-cluster/config.yml index 23c8f039e..2411e7360 100644 --- a/playbooks/common/openshift-cluster/config.yml +++ b/playbooks/common/openshift-cluster/config.yml @@ -3,7 +3,27 @@ - include: validate_hostnames.yml -- include: ../openshift-docker/config.yml +- name: Set oo_options + hosts: oo_hosts_to_config + tasks: + - set_fact: + openshift_docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') }}" + when: openshift_docker_additional_registries is not defined + - set_fact: + openshift_docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') }}" + when: openshift_docker_insecure_registries is not defined + - set_fact: + openshift_docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') }}" + when: openshift_docker_blocked_registries is not defined + - set_fact: + openshift_docker_options: "{{ lookup('oo_option', 'docker_options') }}" + when: openshift_docker_options is not defined + - set_fact: + openshift_docker_log_driver: "{{ lookup('oo_option', 'docker_log_driver') }}" + when: openshift_docker_log_driver is not defined + - set_fact: + openshift_docker_log_options: "{{ lookup('oo_option', 'docker_log_options') }}" + when: openshift_docker_log_options is not defined - include: ../openshift-etcd/config.yml diff --git a/playbooks/common/openshift-cluster/evaluate_groups.yml b/playbooks/common/openshift-cluster/evaluate_groups.yml index 432a92b49..ce0134c44 100644 --- a/playbooks/common/openshift-cluster/evaluate_groups.yml +++ b/playbooks/common/openshift-cluster/evaluate_groups.yml @@ -29,6 +29,14 @@ msg: The nfs group must be limited to one host when: (groups[g_nfs_hosts] | default([])) | length > 1 + - name: Evaluate oo_all_hosts + add_host: + name: "{{ item }}" + groups: oo_all_hosts + ansible_ssh_user: "{{ g_ssh_user | default(omit) }}" + ansible_sudo: "{{ g_sudo | default(omit) }}" + with_items: "{{ g_all_hosts | default([]) }}" + - name: Evaluate oo_masters add_host: name: "{{ item }}" diff --git a/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh b/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh index da6bcd23c..7a1edf38f 100644 --- a/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh +++ b/playbooks/common/openshift-cluster/upgrades/files/openshift_container_versions.sh @@ -4,7 +4,7 @@ # We just need to know the version of one of them. unit_file=$(ls /etc/systemd/system/${1}*.service | head -n1) installed_container_name=$(basename -s .service ${unit_file}) -installed=$(docker exec ${installed_container_name} openshift version | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v') +installed=$(docker exec ${installed_container_name} openshift version 2> /dev/null | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v') if [ ${1} == "origin" ]; then image_name="openshift/origin" @@ -15,7 +15,7 @@ elif grep openshift3 $unit_file 2>&1 > /dev/null; then fi docker pull ${image_name} 2>&1 > /dev/null -available=$(docker run --rm ${image_name} version | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v') +available=$(docker run --rm ${image_name} version 2> /dev/null | grep openshift | awk '{ print $2 }' | cut -f1 -d"-" | tr -d 'v') echo "---" echo "curr_version: ${installed}" diff --git a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml index 6d7cefc8e..31ba8c4a9 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_0_to_v3_1/upgrade.yml @@ -212,13 +212,10 @@ - name: Update deployment type hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config + vars: + openshift_deployment_type: "{{ deployment_type }}" roles: - openshift_facts - post_tasks: - - openshift_facts: - role: common - local_facts: - deployment_type: "{{ deployment_type }}" - name: Update master facts hosts: oo_masters_to_config diff --git a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml index c9afca559..668a80996 100644 --- a/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml +++ b/playbooks/common/openshift-cluster/upgrades/v3_1_to_v3_2/pre.yml @@ -24,7 +24,6 @@ - name: Verify upgrade can proceed hosts: oo_first_master vars: - openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" target_version: "{{ '1.2' if deployment_type == 'origin' else '3.1.1.900' }}" gather_facts: no tasks: @@ -47,6 +46,42 @@ when: openshift_image_tag is defined and openshift_image_tag.split('v',1).1 | version_compare(target_version ,'<') - name: Verify upgrade can proceed + hosts: oo_masters_to_config + vars: + openshift_master_ha: "{{ groups.oo_masters_to_config | length > 1 }}" + tasks: + - name: Ensure Master is running + service: + name: "{{ openshift.common.service_type }}-master" + state: started + enabled: yes + when: not openshift_master_ha | bool and openshift.common.is_containerized | bool + + - name: Ensure HA Master is running + service: + name: "{{ openshift.common.service_type }}-master-api" + state: started + enabled: yes + when: openshift_master_ha | bool and openshift.common.is_containerized | bool + + - name: Ensure HA Master is running + service: + name: "{{ openshift.common.service_type }}-master-controllers" + state: started + enabled: yes + when: openshift_master_ha | bool and openshift.common.is_containerized | bool + +- name: Verify upgrade can proceed + hosts: oo_nodes_to_config + tasks: + - name: Ensure Node is running + service: + name: "{{ openshift.common.service_type }}-node" + state: started + enabled: yes + when: openshift.common.is_containerized | bool + +- name: Verify upgrade can proceed hosts: oo_masters_to_config:oo_nodes_to_config vars: target_version: "{{ '1.2' if deployment_type == 'origin' else '3.1.1.900' }}" @@ -116,10 +151,9 @@ msg: This playbook requires Atomic Enterprise Platform/OpenShift Enterprise 3.1 or later when: deployment_type == 'atomic-openshift' and g_aos_versions.curr_version | version_compare('3.1','<') - # TODO: this may only make sense for RPM installs. We probably need another check for containerized installs. - fail: msg: Upgrade packages not found - when: (g_aos_versions.avail_version | default(g_aos_versions.curr_version, true) | version_compare(target_version, '<')) + when: openshift_image_tag is not defined and (g_aos_versions.avail_version | default(g_aos_versions.curr_version, true) | version_compare(target_version, '<')) - name: Determine available Docker script: ../files/rpm_versions.sh docker diff --git a/playbooks/common/openshift-cluster/validate_hostnames.yml b/playbooks/common/openshift-cluster/validate_hostnames.yml index fd82997b9..0f562e019 100644 --- a/playbooks/common/openshift-cluster/validate_hostnames.yml +++ b/playbooks/common/openshift-cluster/validate_hostnames.yml @@ -6,14 +6,6 @@ roles: - openshift_facts tasks: - - openshift_facts: - role: "{{ item.role }}" - local_facts: "{{ item.local_facts }}" - with_items: - - role: common - local_facts: - hostname: "{{ openshift_hostname | default(None) }}" - public_hostname: "{{ openshift_public_hostname | default(None) }}" - shell: getent ahostsv4 {{ openshift.common.hostname }} | head -n 1 | awk '{ print $1 }' register: lookupip diff --git a/playbooks/common/openshift-docker/config.yml b/playbooks/common/openshift-docker/config.yml deleted file mode 100644 index 092d5533c..000000000 --- a/playbooks/common/openshift-docker/config.yml +++ /dev/null @@ -1,9 +0,0 @@ -- name: Configure docker hosts - hosts: oo_masters_to_config:oo_nodes_to_config:oo_etcd_to_config - vars: - docker_additional_registries: "{{ lookup('oo_option', 'docker_additional_registries') | oo_split }}" - docker_insecure_registries: "{{ lookup('oo_option', 'docker_insecure_registries') | oo_split }}" - docker_blocked_registries: "{{ lookup('oo_option', 'docker_blocked_registries') | oo_split }}" - roles: - - openshift_facts - - openshift_docker diff --git a/playbooks/common/openshift-docker/filter_plugins b/playbooks/common/openshift-docker/filter_plugins deleted file mode 120000 index 99a95e4ca..000000000 --- a/playbooks/common/openshift-docker/filter_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../filter_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/lookup_plugins b/playbooks/common/openshift-docker/lookup_plugins deleted file mode 120000 index ac79701db..000000000 --- a/playbooks/common/openshift-docker/lookup_plugins +++ /dev/null @@ -1 +0,0 @@ -../../../lookup_plugins
\ No newline at end of file diff --git a/playbooks/common/openshift-docker/roles b/playbooks/common/openshift-docker/roles deleted file mode 120000 index 20c4c58cf..000000000 --- a/playbooks/common/openshift-docker/roles +++ /dev/null @@ -1 +0,0 @@ -../../../roles
\ No newline at end of file diff --git a/playbooks/common/openshift-etcd/config.yml b/playbooks/common/openshift-etcd/config.yml index 93eb157cb..06fbd6862 100644 --- a/playbooks/common/openshift-etcd/config.yml +++ b/playbooks/common/openshift-etcd/config.yml @@ -5,17 +5,9 @@ - openshift_facts tasks: - openshift_facts: - role: "{{ item.role }}" - local_facts: "{{ item.local_facts }}" - with_items: - - role: common - local_facts: - hostname: "{{ openshift_hostname | default(None) }}" - public_hostname: "{{ openshift_public_hostname | default(None) }}" - deployment_type: "{{ openshift_deployment_type }}" - - role: etcd - local_facts: - etcd_image: "{{ osm_etcd_image | default(None) }}" + role: etcd + local_facts: + etcd_image: "{{ osm_etcd_image | default(None) }}" - name: Check status of etcd certificates stat: path: "{{ item }}" @@ -89,8 +81,8 @@ dest: "{{ etcd_cert_config_dir }}" when: etcd_server_certs_missing roles: - - etcd - - role: nickhammond.logrotate + - openshift_etcd + - nickhammond.logrotate # Configure the remaining etcd hosts, skipping the first one we dealt with above. - name: Configure remaining etcd hosts diff --git a/playbooks/common/openshift-master/config.yml b/playbooks/common/openshift-master/config.yml index 3c7d94c96..f1eaf8e16 100644 --- a/playbooks/common/openshift-master/config.yml +++ b/playbooks/common/openshift-master/config.yml @@ -1,6 +1,9 @@ --- - name: Set master facts and determine if external etcd certs need to be generated hosts: oo_masters_to_config + vars: + t_oo_option_master_debug_level: "{{ lookup('oo_option', 'openshift_master_debug_level') }}" + pre_tasks: - name: Check for RPM generated config marker file .config_managed stat: @@ -30,40 +33,29 @@ | default(none, true) }}" - set_fact: - openshift_master_debug_level: "{{ lookup('oo_option', 'openshift_master_debug_level') | default(openshift.common.debug_level, true) }}" - when: openshift_master_debug_level is not defined - + openshift_master_debug_level: "{{ t_oo_option_master_debug_level }}" + when: openshift_master_debug_level is not defined and t_oo_option_master_debug_level != "" roles: - openshift_facts post_tasks: - openshift_facts: - role: "{{ item.role }}" - local_facts: "{{ item.local_facts }}" - with_items: - - role: common - local_facts: - hostname: "{{ openshift_hostname | default(None) }}" - ip: "{{ openshift_ip | default(None) }}" - public_hostname: "{{ openshift_public_hostname | default(None) }}" - public_ip: "{{ openshift_public_ip | default(None) }}" - deployment_type: "{{ openshift_deployment_type }}" - - role: master - local_facts: - api_port: "{{ openshift_master_api_port | default(None) }}" - api_url: "{{ openshift_master_api_url | default(None) }}" - api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" - controllers_port: "{{ openshift_master_controllers_port | default(None) }}" - public_api_url: "{{ openshift_master_public_api_url | default(None) }}" - cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" - cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" - console_path: "{{ openshift_master_console_path | default(None) }}" - console_port: "{{ openshift_master_console_port | default(None) }}" - console_url: "{{ openshift_master_console_url | default(None) }}" - console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}" - public_console_url: "{{ openshift_master_public_console_url | default(None) }}" - portal_net: "{{ openshift_master_portal_net | default(None) }}" - ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}" - master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}" + role: master + local_facts: + api_port: "{{ openshift_master_api_port | default(None) }}" + api_url: "{{ openshift_master_api_url | default(None) }}" + api_use_ssl: "{{ openshift_master_api_use_ssl | default(None) }}" + controllers_port: "{{ openshift_master_controllers_port | default(None) }}" + public_api_url: "{{ openshift_master_public_api_url | default(None) }}" + cluster_hostname: "{{ openshift_master_cluster_hostname | default(None) }}" + cluster_public_hostname: "{{ openshift_master_cluster_public_hostname | default(None) }}" + console_path: "{{ openshift_master_console_path | default(None) }}" + console_port: "{{ openshift_master_console_port | default(None) }}" + console_url: "{{ openshift_master_console_url | default(None) }}" + console_use_ssl: "{{ openshift_master_console_use_ssl | default(None) }}" + public_console_url: "{{ openshift_master_public_console_url | default(None) }}" + portal_net: "{{ openshift_master_portal_net | default(None) }}" + ha: "{{ openshift_master_ha | default(groups.oo_masters | length > 1) }}" + master_count: "{{ openshift_master_count | default(groups.oo_masters | length) }}" - openshift_facts: role: hosted openshift_env: @@ -319,13 +311,14 @@ file: path: "{{ named_certs_dir }}" state: directory + mode: 0700 when: named_certs_specified | bool - name: Land named certificates copy: src="{{ item.certfile }}" dest="{{ named_certs_dir }}" with_items: openshift_master_named_certificates when: named_certs_specified | bool - name: Land named certificate keys - copy: src="{{ item.keyfile }}" dest="{{ named_certs_dir }}" + copy: src="{{ item.keyfile }}" dest="{{ named_certs_dir }}" mode=0600 with_items: openshift_master_named_certificates when: named_certs_specified | bool diff --git a/playbooks/common/openshift-master/scaleup.yml b/playbooks/common/openshift-master/scaleup.yml index ccb1d23f1..6e6cb3e01 100644 --- a/playbooks/common/openshift-master/scaleup.yml +++ b/playbooks/common/openshift-master/scaleup.yml @@ -33,7 +33,8 @@ service: name={{ openshift.common.service_type }}-master-controllers state=restarted - name: verify api server command: > - curl -k --silent {{ openshift.master.api_url }}/healthz/ready + curl --silent --cacert {{ openshift.common.config_base }}/master/ca.crt + {{ openshift.master.api_url }}/healthz/ready register: api_available_output until: api_available_output.stdout == 'ok' retries: 120 diff --git a/playbooks/common/openshift-node/config.yml b/playbooks/common/openshift-node/config.yml index c62167bd3..7ca941732 100644 --- a/playbooks/common/openshift-node/config.yml +++ b/playbooks/common/openshift-node/config.yml @@ -1,10 +1,12 @@ --- - name: Gather and set facts for node hosts hosts: oo_nodes_to_config + vars: + t_oo_option_node_debug_level: "{{ lookup('oo_option', 'openshift_node_debug_level') }}" pre_tasks: - set_fact: - openshift_node_debug_level: "{{ lookup('oo_option', 'openshift_node_debug_level') | default(openshift.common.debug_level, true) }}" - when: openshift_node_debug_level is not defined + openshift_node_debug_level: "{{ t_oo_option_node_debug_level }}" + when: openshift_node_debug_level is not defined and t_oo_option_node_debug_level != "" roles: - openshift_facts tasks: @@ -12,20 +14,11 @@ # configured, we need to make sure to set the node properties beforehand if # we do not want the defaults - openshift_facts: - role: "{{ item.role }}" - local_facts: "{{ item.local_facts }}" - with_items: - - role: common - local_facts: - hostname: "{{ openshift_hostname | default(None) }}" - public_hostname: "{{ openshift_public_hostname | default(None) }}" - deployment_type: "{{ openshift_deployment_type }}" - use_flannel: "{{ openshift_use_flannel | default(None) }}" - - role: node - local_facts: - labels: "{{ openshift_node_labels | default(None) }}" - annotations: "{{ openshift_node_annotations | default(None) }}" - schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" + role: node + local_facts: + labels: "{{ openshift_node_labels | default(None) }}" + annotations: "{{ openshift_node_annotations | default(None) }}" + schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" - name: Check status of node certificates stat: path: "{{ openshift.common.config_base }}/node/{{ item }}" @@ -43,22 +36,6 @@ node_subdir: node-{{ openshift.common.hostname }} config_dir: "{{ openshift.common.config_base }}/generated-configs/node-{{ openshift.common.hostname }}" node_cert_dir: "{{ openshift.common.config_base }}/node" - - name: Check status of flannel external etcd certificates - stat: - path: "{{ openshift.common.config_base }}/node/{{ item }}" - with_items: - - node.etcd-client.crt - - node.etcd-ca.crt - register: g_external_etcd_flannel_cert_stat_result - when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) - - set_fact: - etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results - | oo_collect(attribute='stat.exists') - | list | intersect([false])}}" - etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }} - etcd_cert_config_dir: "{{ openshift.common.config_base }}/node" - etcd_cert_prefix: node.etcd- - when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) - name: Create temp directory for syncing certs hosts: localhost @@ -71,65 +48,6 @@ register: mktemp changed_when: False -- name: Configure flannel etcd certificates - hosts: oo_first_etcd - vars: - etcd_generated_certs_dir: /etc/etcd/generated_certs - sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" - pre_tasks: - - set_fact: - etcd_needing_client_certs: "{{ hostvars - | oo_select_keys(groups['oo_nodes_to_config']) - | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') | default([]) }}" - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - roles: - - role: etcd_certificates - when: openshift_use_flannel | default(false) | bool - post_tasks: - - name: Create a tarball of the etcd flannel certs - command: > - tar -czvf {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz - -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . - args: - creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" - with_items: etcd_needing_client_certs - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - - name: Retrieve the etcd cert tarballs - fetch: - src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" - dest: "{{ sync_tmpdir }}/" - flat: yes - fail_on_missing: yes - validate_checksum: yes - with_items: etcd_needing_client_certs - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - -- name: Copy the external etcd flannel certs to the nodes - hosts: oo_nodes_to_config - vars: - sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" - tasks: - - name: Ensure certificate directory exists - file: - path: "{{ openshift.common.config_base }}/node" - state: directory - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - - name: Unarchive the tarball on the master - unarchive: - src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz" - dest: "{{ etcd_cert_config_dir }}" - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - - file: - path: "{{ etcd_cert_config_dir }}/{{ item }}" - owner: root - group: root - mode: 0600 - with_items: - - node.etcd-client.crt - - node.etcd-client.key - - node.etcd-ca.crt - when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing - - name: Create node certificates hosts: oo_first_master vars: @@ -197,6 +115,11 @@ vars: openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" + # TODO: configure these based on + # hostvars[groups.oo_first_master.0].openshift.hosted.registry instead of + # hardcoding + openshift_docker_hosted_registry_insecure: True + openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.master.portal_net }}" roles: - openshift_node @@ -205,9 +128,94 @@ vars: openshift_node_master_api_url: "{{ hostvars[groups.oo_first_master.0].openshift.master.api_url }}" openshift_node_first_master_ip: "{{ hostvars[groups.oo_first_master.0].openshift.common.ip }}" + # TODO: configure these based on + # hostvars[groups.oo_first_master.0].openshift.hosted.registry instead of + # hardcoding + openshift_docker_hosted_registry_insecure: True + openshift_docker_hosted_registry_network: "{{ hostvars[groups.oo_first_master.0].openshift.master.portal_net }}" roles: - openshift_node +- name: Gather and set facts for flannel certificatess + hosts: oo_nodes_to_config + tasks: + - name: Check status of flannel external etcd certificates + stat: + path: "{{ openshift.common.config_base }}/node/{{ item }}" + with_items: + - node.etcd-client.crt + - node.etcd-ca.crt + register: g_external_etcd_flannel_cert_stat_result + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) + - set_fact: + etcd_client_flannel_certs_missing: "{{ g_external_etcd_flannel_cert_stat_result.results + | oo_collect(attribute='stat.exists') + | list | intersect([false])}}" + etcd_cert_subdir: openshift-node-{{ openshift.common.hostname }} + etcd_cert_config_dir: "{{ openshift.common.config_base }}/node" + etcd_cert_prefix: node.etcd- + when: groups.oo_etcd_to_config is defined and groups.oo_etcd_to_config and (openshift.common.use_flannel | bool) + +- name: Configure flannel etcd certificates + hosts: oo_first_etcd + vars: + etcd_generated_certs_dir: /etc/etcd/generated_certs + sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" + pre_tasks: + - set_fact: + etcd_needing_client_certs: "{{ hostvars + | oo_select_keys(groups['oo_nodes_to_config']) + | oo_filter_list(filter_attr='etcd_client_flannel_certs_missing') | default([]) }}" + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + roles: + - role: etcd_certificates + when: openshift_use_flannel | default(false) | bool + post_tasks: + - name: Create a tarball of the etcd flannel certs + command: > + tar -czvf {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz + -C {{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }} . + args: + creates: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + with_items: etcd_needing_client_certs + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - name: Retrieve the etcd cert tarballs + fetch: + src: "{{ etcd_generated_certs_dir }}/{{ item.etcd_cert_subdir }}.tgz" + dest: "{{ sync_tmpdir }}/" + flat: yes + fail_on_missing: yes + validate_checksum: yes + with_items: etcd_needing_client_certs + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + +- name: Copy the external etcd flannel certs to the nodes + hosts: oo_nodes_to_config + vars: + sync_tmpdir: "{{ hostvars.localhost.mktemp.stdout }}" + tasks: + - name: Ensure certificate directory exists + file: + path: "{{ openshift.common.config_base }}/node" + state: directory + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - name: Unarchive the tarball on the master + unarchive: + src: "{{ sync_tmpdir }}/{{ etcd_cert_subdir }}.tgz" + dest: "{{ etcd_cert_config_dir }}" + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + - file: + path: "{{ etcd_cert_config_dir }}/{{ item }}" + owner: root + group: root + mode: 0600 + with_items: + - node.etcd-client.crt + - node.etcd-client.key + - node.etcd-ca.crt + when: etcd_client_flannel_certs_missing is defined and etcd_client_flannel_certs_missing + + - name: Additional node config hosts: oo_nodes_to_config vars: @@ -258,7 +266,8 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl -k --silent {{ openshift.master.api_url }}/healthz/ready + curl --silent --cacert {{ openshift.common.config_base }}/master/ca.crt + {{ openshift.master.api_url }}/healthz/ready register: api_available_output until: api_available_output.stdout == 'ok' retries: 120 diff --git a/playbooks/libvirt/openshift-cluster/launch.yml b/playbooks/libvirt/openshift-cluster/launch.yml index 3a48c82bc..701d57d26 100644 --- a/playbooks/libvirt/openshift-cluster/launch.yml +++ b/playbooks/libvirt/openshift-cluster/launch.yml @@ -7,9 +7,6 @@ vars_files: - vars.yml vars: - os_libvirt_storage_pool: "{{ libvirt_storage_pool | default('images') }}" - os_libvirt_storage_pool_path: "{{ libvirt_storage_pool_path | default('/var/lib/libvirt/images') }}" - os_libvirt_network: "{{ libvirt_network | default('default') }}" image_url: "{{ deployment_vars[deployment_type].image.url }}" image_sha256: "{{ deployment_vars[deployment_type].image.sha256 }}" image_name: "{{ deployment_vars[deployment_type].image.name }}" diff --git a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml index b00352539..937a765fa 100644 --- a/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml +++ b/playbooks/libvirt/openshift-cluster/tasks/launch_instances.yml @@ -13,54 +13,58 @@ get_url: url: '{{ image_url }}' sha256sum: '{{ image_sha256 }}' - dest: '{{ os_libvirt_storage_pool_path }}/{{ [image_name, image_compression] | reject("equalto", "") | join(".") }}' + dest: '{{ libvirt_storage_pool_path }}/{{ [image_name, image_compression] | difference([""]) | join(".") }}' when: '{{ ( lookup("oo_option", "skip_image_download") | default("no", True) | lower ) in ["false", "no"] }}' register: downloaded_image - name: Uncompress xz compressed base cloud image - command: 'unxz -kf {{ os_libvirt_storage_pool_path }}/{{ [image_name, image_compression] | join(".") }}' + command: 'unxz -kf {{ libvirt_storage_pool_path }}/{{ [image_name, image_compression] | join(".") }}' args: - creates: '{{ os_libvirt_storage_pool_path }}/{{ image_name }}' + creates: '{{ libvirt_storage_pool_path }}/{{ image_name }}' when: image_compression in ["xz"] and downloaded_image.changed - name: Uncompress tgz compressed base cloud image - command: 'tar zxvf {{ os_libvirt_storage_pool_path }}/{{ [image_name, image_compression] | join(".") }}' + command: 'tar zxvf {{ libvirt_storage_pool_path }}/{{ [image_name, image_compression] | join(".") }}' args: - creates: '{{ os_libvirt_storage_pool_path }}/{{ image_name }}' + creates: '{{ libvirt_storage_pool_path }}/{{ image_name }}' when: image_compression in ["tgz"] and downloaded_image.changed - name: Uncompress gzip compressed base cloud image - command: 'gunzip {{ os_libvirt_storage_pool_path }}/{{ [image_name, image_compression] | join(".") }}' + command: 'gunzip {{ libvirt_storage_pool_path }}/{{ [image_name, image_compression] | join(".") }}' args: - creates: '{{ os_libvirt_storage_pool_path }}/{{ image_name }}' + creates: '{{ libvirt_storage_pool_path }}/{{ image_name }}' when: image_compression in ["gz"] and downloaded_image.changed - name: Create the cloud-init config drive path file: - dest: '{{ os_libvirt_storage_pool_path }}/{{ item }}_configdrive/' + dest: '{{ libvirt_storage_pool_path }}/{{ item }}_configdrive/' state: directory with_items: instances - name: Create the cloud-init config drive files template: src: '{{ item[1] }}' - dest: '{{ os_libvirt_storage_pool_path }}/{{ item[0] }}_configdrive/{{ item[1] }}' + dest: '{{ libvirt_storage_pool_path }}/{{ item[0] }}_configdrive/{{ item[1] }}' with_nested: - instances - [ user-data, meta-data ] - name: Create the cloud-init config drive - command: 'genisoimage -output {{ os_libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso -volid cidata -joliet -rock user-data meta-data' + command: 'genisoimage -output {{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso -volid cidata -joliet -rock user-data meta-data' args: - chdir: '{{ os_libvirt_storage_pool_path }}/{{ item }}_configdrive/' - creates: '{{ os_libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso' + chdir: '{{ libvirt_storage_pool_path }}/{{ item }}_configdrive/' + creates: '{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso' with_items: instances - name: Refresh the libvirt storage pool for openshift command: 'virsh -c {{ libvirt_uri }} pool-refresh {{ libvirt_storage_pool }}' -- name: Create VMs drives - command: 'virsh -c {{ libvirt_uri }} vol-create-as {{ os_libvirt_storage_pool }} {{ item }}.qcow2 10G --format qcow2 --backing-vol {{ image_name }} --backing-vol-format qcow2' +- name: Create VM drives + command: 'virsh -c {{ libvirt_uri }} vol-create-as {{ libvirt_storage_pool }} {{ item }}.qcow2 10G --format qcow2 --backing-vol {{ image_name }} --backing-vol-format qcow2' + with_items: instances + +- name: Create VM docker drives + command: 'virsh -c {{ libvirt_uri }} vol-create-as {{ libvirt_storage_pool }} {{ item }}-docker.qcow2 10G --format qcow2 --allocation 0' with_items: instances - name: Create VMs diff --git a/playbooks/libvirt/openshift-cluster/templates/domain.xml b/playbooks/libvirt/openshift-cluster/templates/domain.xml index 0ca8e0974..8e96cec8d 100644 --- a/playbooks/libvirt/openshift-cluster/templates/domain.xml +++ b/playbooks/libvirt/openshift-cluster/templates/domain.xml @@ -1,6 +1,6 @@ <domain type='kvm' id='8'> <name>{{ item }}</name> - <memory unit='GiB'>1</memory> + <memory unit='MiB'>{{ libvirt_instance_memory_mib }}</memory> <metadata xmlns:ansible="https://github.com/ansible/ansible"> <ansible:tags> <ansible:tag>environment-{{ cluster_env }}</ansible:tag> @@ -9,8 +9,7 @@ <ansible:tag>sub-host-type-{{ g_sub_host_type }}</ansible:tag> </ansible:tags> </metadata> - <currentMemory unit='GiB'>1</currentMemory> - <vcpu placement='static'>2</vcpu> + <vcpu placement='static'>{{ libvirt_instance_vcpu }}</vcpu> <os> <type arch='x86_64' machine='pc'>hvm</type> <boot dev='hd'/> @@ -32,18 +31,23 @@ <emulator>/usr/bin/qemu-system-x86_64</emulator> <disk type='file' device='disk'> <driver name='qemu' type='qcow2'/> - <source file='{{ os_libvirt_storage_pool_path }}/{{ item }}.qcow2'/> + <source file='{{ libvirt_storage_pool_path }}/{{ item }}.qcow2'/> <target dev='vda' bus='virtio'/> </disk> + <disk type='file' device='disk'> + <driver name='qemu' type='qcow2'/> + <source file='{{ libvirt_storage_pool_path }}/{{ item }}-docker.qcow2'/> + <target dev='vdb' bus='virtio'/> + </disk> <disk type='file' device='cdrom'> <driver name='qemu' type='raw'/> - <source file='{{ os_libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso'/> - <target dev='vdb' bus='virtio'/> + <source file='{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso'/> + <target dev='vdc' bus='virtio'/> <readonly/> </disk> <controller type='usb' index='0' /> <interface type='network'> - <source network='{{ os_libvirt_network }}'/> + <source network='{{ libvirt_network }}'/> <model type='virtio'/> </interface> <serial type='pty'> diff --git a/playbooks/libvirt/openshift-cluster/templates/user-data b/playbooks/libvirt/openshift-cluster/templates/user-data index ead881f78..8b79940f4 100644 --- a/playbooks/libvirt/openshift-cluster/templates/user-data +++ b/playbooks/libvirt/openshift-cluster/templates/user-data @@ -4,6 +4,9 @@ disable_root: true hostname: {{ item[0] }} fqdn: {{ item[0] }}.example.com +mounts: +- [ vdb ] + users: - default - name: root @@ -23,6 +26,12 @@ write_files: permissions: 440 content: | Defaults:openshift !requiretty + - content: | + DEVS=/dev/vdb + VG=docker_vg + path: /etc/sysconfig/docker-storage-setup + owner: root:root + permissions: '0644' runcmd: - NETWORK_CONFIG=/etc/sysconfig/network-scripts/ifcfg-eth0; if ! grep DHCP_HOSTNAME ${NETWORK_CONFIG}; then echo 'DHCP_HOSTNAME="{{ item[0] }}.example.com"' >> ${NETWORK_CONFIG}; fi; pkill -9 dhclient; service network restart diff --git a/playbooks/libvirt/openshift-cluster/terminate.yml b/playbooks/libvirt/openshift-cluster/terminate.yml index f4749c28d..d6251ac83 100644 --- a/playbooks/libvirt/openshift-cluster/terminate.yml +++ b/playbooks/libvirt/openshift-cluster/terminate.yml @@ -45,12 +45,18 @@ - groups['oo_hosts_to_terminate'] - [ destroy, undefine ] - - name: Delete VMs drives + - name: Delete VM drives command: 'virsh -c {{ libvirt_uri }} vol-delete --pool {{ libvirt_storage_pool }} {{ item }}.qcow2' args: removes: '{{ libvirt_storage_pool_path }}/{{ item }}.qcow2' with_items: groups['oo_hosts_to_terminate'] + - name: Delete VM docker drives + command: 'virsh -c {{ libvirt_uri }} vol-delete --pool {{ libvirt_storage_pool }} {{ item }}-docker.qcow2' + args: + removes: '{{ libvirt_storage_pool_path }}/{{ item }}-docker.qcow2' + with_items: groups['oo_hosts_to_terminate'] + - name: Delete the VM cloud-init image file: path: '{{ libvirt_storage_pool_path }}/{{ item }}_cloud-init.iso' diff --git a/playbooks/libvirt/openshift-cluster/vars.yml b/playbooks/libvirt/openshift-cluster/vars.yml index f28245f88..aa0c69e08 100644 --- a/playbooks/libvirt/openshift-cluster/vars.yml +++ b/playbooks/libvirt/openshift-cluster/vars.yml @@ -1,8 +1,11 @@ --- -libvirt_storage_pool_path: "{{ lookup('env','HOME') }}/libvirt-storage-pool-openshift-ansible" -libvirt_storage_pool: 'openshift-ansible' -libvirt_network: openshift-ansible -libvirt_uri: 'qemu:///system' +default_pool_path: "{{ lookup('env','HOME') }}/libvirt-storage-pool-openshift-ansible" +libvirt_storage_pool_path: "{{ lookup('oo_option', 'libvirt_storage_pool_path') | default(default_pool_path, True) }}" +libvirt_storage_pool: "{{ lookup('oo_option', 'libvirt_storage_pool') | default('openshift-ansible', True) }}" +libvirt_network: "{{ lookup('oo_option', 'libvirt_network') | default('openshift-ansible', True) }}" +libvirt_instance_memory_mib: "{{ lookup('oo_option', 'libvirt_instance_memory_mib') | default(1024, True) }}" +libvirt_instance_vcpu: "{{ lookup('oo_option', 'libvirt_instance_vcpu') | default(2, True) }}" +libvirt_uri: "{{ lookup('oo_option', 'libvirt_uri') | default('qemu:///system', True) }}" debug_level: 2 # Automatic download of the qcow2 image for RHEL cannot be done directly from the RedHat portal because it requires authentication. diff --git a/roles/docker/handlers/main.yml b/roles/docker/handlers/main.yml index 9f827417f..aff905bc8 100644 --- a/roles/docker/handlers/main.yml +++ b/roles/docker/handlers/main.yml @@ -4,7 +4,7 @@ service: name: docker state: restarted - when: not docker_service_status_changed | default(false) + when: not docker_service_status_changed | default(false) | bool - name: restart udev service: diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index a56f1f391..9709c5014 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -1,9 +1,33 @@ --- # tasks file for docker + +# Avoid docker 1.9 when installing origin < 1.2 or OSE < 3.2 on RHEL/Centos and +# See: https://bugzilla.redhat.com/show_bug.cgi?id=1304038 + +- name: Default to latest docker for 1.2/3.2 or Fedora + set_fact: + docker_version: '' + when: openshift.common.version_gte_3_2_or_1_2 | bool or ansible_distribution == 'Fedora' + +- name: Gather latest version of docker + shell: > + yum list available -e 0 -q "docker" 2>&1 | tail -n +2 | awk '{ print $2 }' | sort -r | tr '\n' ' ' | tail -n 1 + register: latest_docker + when: not openshift.common.version_gte_3_2_or_1_2 | bool and ansible_distribution != 'Fedora' + +- name: Check if Docker 1.9 is the latest + set_fact: + docker19_is_latest: "{{ True if '1.9' in latest_docker.stdout else False }}" + when: not openshift.common.version_gte_3_2_or_1_2 | bool and ansible_distribution != 'Fedora' + +- set_fact: + docker_version: "{{ '-1.8.2' if docker19_is_latest | bool else ''}}" + when: not openshift.common.version_gte_3_2_or_1_2 | bool and ansible_distribution != 'Fedora' + - name: Install docker - action: "{{ ansible_pkg_mgr }} name=docker state=present" + action: "{{ ansible_pkg_mgr }} name=docker{{ docker_version }} state=present" when: not openshift.common.is_atomic | bool - + - name: enable and start the docker service service: name: docker @@ -15,4 +39,42 @@ docker_service_status_changed: start_result | changed - include: udev_workaround.yml - when: docker_udev_workaround | default(False) + when: docker_udev_workaround | default(False) | bool + +- stat: path=/etc/sysconfig/docker + register: docker_check + +- name: Set registry params + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^{{ item.reg_conf_var }}=.*$' + line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'" + when: item.reg_fact_val != '' and docker_check.stat.isreg + with_items: + - reg_conf_var: ADD_REGISTRY + reg_fact_val: "{{ docker_additional_registries | default(None, true)}}" + reg_flag: --add-registry + - reg_conf_var: BLOCK_REGISTRY + reg_fact_val: "{{ docker_blocked_registries| default(None, true) }}" + reg_flag: --block-registry + - reg_conf_var: INSECURE_REGISTRY + reg_fact_val: "{{ docker_insecure_registries| default(None, true) }}" + reg_flag: --insecure-registry + notify: + - restart docker + +- name: Set various docker options + lineinfile: + dest: /etc/sysconfig/docker + regexp: '^OPTIONS=.*$' + line: "OPTIONS='\ + {% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\ + {% if docker_log_driver is defined %} --log-driver {{ docker_log_driver }}{% endif %}\ + {% if docker_log_options is defined %} {{ docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\ + {% if docker_options is defined %} {{ docker_options }}{% endif %}\ + {% if docker_disable_push_dockerhub is defined %} --confirm-def-push={{ docker_disable_push_dockerhub | bool }}{% endif %}'" + when: docker_check.stat.isreg + notify: + - restart docker + +- meta: flush_handlers diff --git a/roles/etcd/tasks/main.yml b/roles/etcd/tasks/main.yml index e72509c4d..064544b03 100644 --- a/roles/etcd/tasks/main.yml +++ b/roles/etcd/tasks/main.yml @@ -36,9 +36,17 @@ state: stopped enabled: no +- name: Check for etcd service presence + command: systemctl show etcd.service + register: etcd_show + +- name: Mask system etcd when containerized + when: openshift.common.is_containerized | bool and 'LoadState=not-found' not in etcd_show.stdout + command: systemctl mask etcd + - name: Reload systemd units command: systemctl daemon-reload - when: openshift.common.is_containerized and ( install_etcd_result | changed ) + when: openshift.common.is_containerized | bool and ( install_etcd_result | changed ) - name: Validate permissions on the config dir file: diff --git a/roles/etcd/templates/etcd.docker.service b/roles/etcd/templates/etcd.docker.service index 8058fa188..defc070bd 100644 --- a/roles/etcd/templates/etcd.docker.service +++ b/roles/etcd/templates/etcd.docker.service @@ -1,12 +1,15 @@ [Unit] Description=The Etcd Server container After=docker.service +Requires=docker.service +PartOf=docker.service [Service] EnvironmentFile=/etc/etcd/etcd.conf ExecStartPre=-/usr/bin/docker rm -f {{ etcd_service }} ExecStart=/usr/bin/docker run --name {{ etcd_service }} --rm -v /var/lib/etcd:/var/lib/etcd:z -v /etc/etcd:/etc/etcd:z --env-file=/etc/etcd/etcd.conf --net=host --entrypoint=/usr/bin/etcd {{ openshift.etcd.etcd_image }} ExecStop=/usr/bin/docker stop {{ etcd_service }} +SyslogIdentifier=etcd_container Restart=always [Install] diff --git a/roles/lib_openshift_api/library/oc_deploymentconfig.py b/roles/lib_openshift_api/library/oc_deploymentconfig.py new file mode 100644 index 000000000..fbdaa8e9c --- /dev/null +++ b/roles/lib_openshift_api/library/oc_deploymentconfig.py @@ -0,0 +1,377 @@ +#!/usr/bin/env python +''' + OpenShiftCLI class that wraps the oc commands in a subprocess +''' +import atexit +import json +import os +import shutil +import subprocess +import yaml + +class OpenShiftCLI(object): + ''' Class to wrap the oc command line tools ''' + def __init__(self, + namespace, + kubeconfig='/etc/origin/master/admin.kubeconfig', + verbose=False): + ''' Constructor for OpenshiftOC ''' + self.namespace = namespace + self.verbose = verbose + self.kubeconfig = kubeconfig + + def replace(self, fname, force=False): + '''return all pods ''' + cmd = ['replace', '-f', fname] + if force: + cmd = ['replace', '--force', '-f', fname] + return self.oc_cmd(cmd) + + def create(self, fname): + '''return all pods ''' + return self.oc_cmd(['create', '-f', fname, '-n', self.namespace]) + + def delete(self, resource, rname): + '''return all pods ''' + return self.oc_cmd(['delete', resource, rname, '-n', self.namespace]) + + def get(self, resource, rname=None): + '''return a secret by name ''' + cmd = ['get', resource, '-o', 'json', '-n', self.namespace] + if rname: + cmd.append(rname) + + rval = self.oc_cmd(cmd, output=True) + + # Ensure results are retuned in an array + if rval.has_key('items'): + rval['results'] = rval['items'] + elif not isinstance(rval['results'], list): + rval['results'] = [rval['results']] + + return rval + + def oc_cmd(self, cmd, output=False): + '''Base command for oc ''' + #cmds = ['/usr/bin/oc', '--config', self.kubeconfig] + cmds = ['/usr/bin/oc'] + cmds.extend(cmd) + + results = '' + + if self.verbose: + print ' '.join(cmds) + + proc = subprocess.Popen(cmds, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + env={'KUBECONFIG': self.kubeconfig}) + proc.wait() + if proc.returncode == 0: + if output: + try: + results = json.loads(proc.stdout.read()) + except ValueError as err: + if "No JSON object could be decoded" in err.message: + results = err.message + + if self.verbose: + print proc.stderr.read() + print results + print + + return {"returncode": proc.returncode, "results": results} + + return {"returncode": proc.returncode, + "stderr": proc.stderr.read(), + "stdout": proc.stdout.read(), + "results": {} + } + +class Utils(object): + ''' utilities for openshiftcli modules ''' + @staticmethod + def create_file(rname, data, ftype=None): + ''' create a file in tmp with name and contents''' + path = os.path.join('/tmp', rname) + with open(path, 'w') as fds: + if ftype == 'yaml': + fds.write(yaml.dump(data, default_flow_style=False)) + + elif ftype == 'json': + fds.write(json.dumps(data)) + else: + fds.write(data) + + # Register cleanup when module is done + atexit.register(Utils.cleanup, [path]) + return path + + @staticmethod + def create_files_from_contents(data): + '''Turn an array of dict: filename, content into a files array''' + files = [] + + for sfile in data: + path = Utils.create_file(sfile['path'], sfile['content']) + files.append(path) + + return files + + @staticmethod + def cleanup(files): + '''Clean up on exit ''' + for sfile in files: + if os.path.exists(sfile): + if os.path.isdir(sfile): + shutil.rmtree(sfile) + elif os.path.isfile(sfile): + os.remove(sfile) + + + @staticmethod + def exists(results, _name): + ''' Check to see if the results include the name ''' + if not results: + return False + + + if Utils.find_result(results, _name): + return True + + return False + + @staticmethod + def find_result(results, _name): + ''' Find the specified result by name''' + rval = None + for result in results: + if result.has_key('metadata') and result['metadata']['name'] == _name: + rval = result + break + + return rval + + @staticmethod + def get_resource_file(sfile, sfile_type='yaml'): + ''' return the service file ''' + contents = None + with open(sfile) as sfd: + contents = sfd.read() + + if sfile_type == 'yaml': + contents = yaml.load(contents) + elif sfile_type == 'json': + contents = json.loads(contents) + + return contents + + # Disabling too-many-branches. This is a yaml dictionary comparison function + # pylint: disable=too-many-branches,too-many-return-statements + @staticmethod + def check_def_equal(user_def, result_def, debug=False): + ''' Given a user defined definition, compare it with the results given back by our query. ''' + + # Currently these values are autogenerated and we do not need to check them + skip = ['creationTimestamp', 'selfLink', 'resourceVersion', 'uid', 'namespace'] + + for key, value in result_def.items(): + if key in skip: + continue + + # Both are lists + if isinstance(value, list): + if not isinstance(user_def[key], list): + return False + + # lists should be identical + if value != user_def[key]: + return False + + # recurse on a dictionary + elif isinstance(value, dict): + if not isinstance(user_def[key], dict): + if debug: + print "dict returned false not instance of dict" + return False + + # before passing ensure keys match + api_values = set(value.keys()) - set(skip) + user_values = set(user_def[key].keys()) - set(skip) + if api_values != user_values: + if debug: + print api_values + print user_values + print "keys are not equal in dict" + return False + + result = Utils.check_def_equal(user_def[key], value, debug=debug) + if not result: + if debug: + print "dict returned false" + return False + + # Verify each key, value pair is the same + else: + if not user_def.has_key(key) or value != user_def[key]: + if debug: + print "value not equal; user_def does not have key" + print value + print user_def[key] + return False + + return True + +class DeploymentConfig(OpenShiftCLI): + ''' Class to wrap the oc command line tools + ''' + def __init__(self, + namespace, + dname=None, + kubeconfig='/etc/origin/master/admin.kubeconfig', + verbose=False): + ''' Constructor for OpenshiftOC ''' + super(DeploymentConfig, self).__init__(namespace, kubeconfig) + self.namespace = namespace + self.name = dname + self.kubeconfig = kubeconfig + self.verbose = verbose + + def get_dc(self): + '''return a deploymentconfig by name ''' + return self.get('dc', self.name) + + def delete_dc(self): + '''return all pods ''' + return self.delete('dc', self.name) + + def new_dc(self, dfile): + '''Create a deploymentconfig ''' + return self.create(dfile) + + def update_dc(self, dfile, force=False): + '''run update dc + + This receives a list of file names and takes the first filename and calls replace. + ''' + return self.replace(dfile, force) + + +# pylint: disable=too-many-branches +def main(): + ''' + ansible oc module for deploymentconfig + ''' + + module = AnsibleModule( + argument_spec=dict( + kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), + state=dict(default='present', type='str', + choices=['present', 'absent', 'list']), + debug=dict(default=False, type='bool'), + namespace=dict(default='default', type='str'), + name=dict(default=None, type='str'), + deploymentconfig_file=dict(default=None, type='str'), + input_type=dict(default='yaml', choices=['yaml', 'json'], type='str'), + delete_after=dict(default=False, type='bool'), + content=dict(default=None, type='dict'), + force=dict(default=False, type='bool'), + ), + mutually_exclusive=[["contents", "deploymentconfig_file"]], + + supports_check_mode=True, + ) + occmd = DeploymentConfig(module.params['namespace'], + dname=module.params['name'], + kubeconfig=module.params['kubeconfig'], + verbose=module.params['debug']) + + state = module.params['state'] + + api_rval = occmd.get_dc() + + ##### + # Get + ##### + if state == 'list': + module.exit_json(changed=False, results=api_rval['results'], state="list") + + if not module.params['name']: + module.fail_json(msg='Please specify a name when state is absent|present.') + ######## + # Delete + ######## + if state == 'absent': + if not Utils.exists(api_rval['results'], module.params['name']): + module.exit_json(changed=False, state="absent") + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed a delete.') + + api_rval = occmd.delete_dc() + module.exit_json(changed=True, results=api_rval, state="absent") + + + if state == 'present': + if module.params['deploymentconfig_file']: + dfile = module.params['deploymentconfig_file'] + elif module.params['content']: + dfile = Utils.create_file('dc', module.params['content']) + else: + module.fail_json(msg="Please specify content or deploymentconfig file.") + + ######## + # Create + ######## + if not Utils.exists(api_rval['results'], module.params['name']): + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed a create.') + + api_rval = occmd.new_dc(dfile) + + # Remove files + if module.params['deploymentconfig_file'] and module.params['delete_after']: + Utils.cleanup([dfile]) + + if api_rval['returncode'] != 0: + module.fail_json(msg=api_rval) + + module.exit_json(changed=True, results=api_rval, state="present") + + ######## + # Update + ######## + if Utils.check_def_equal(Utils.get_resource_file(dfile), api_rval['results'][0]): + + # Remove files + if module.params['deploymentconfig_file'] and module.params['delete_after']: + Utils.cleanup([dfile]) + + module.exit_json(changed=False, results=api_rval['results'], state="present") + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed an update.') + + api_rval = occmd.update_dc(dfile, force=module.params['force']) + + # Remove files + if module.params['deploymentconfig_file'] and module.params['delete_after']: + Utils.cleanup([dfile]) + + if api_rval['returncode'] != 0: + module.fail_json(msg=api_rval) + + + module.exit_json(changed=True, results=api_rval, state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_openshift_api/library/oc_secret.py b/roles/lib_openshift_api/library/oc_secret.py new file mode 100644 index 000000000..96a0f1db1 --- /dev/null +++ b/roles/lib_openshift_api/library/oc_secret.py @@ -0,0 +1,410 @@ +#!/usr/bin/env python +''' + OpenShiftCLI class that wraps the oc commands in a subprocess +''' +import atexit +import json +import os +import shutil +import subprocess +import yaml + +class OpenShiftCLI(object): + ''' Class to wrap the oc command line tools ''' + def __init__(self, + namespace, + kubeconfig='/etc/origin/master/admin.kubeconfig', + verbose=False): + ''' Constructor for OpenshiftOC ''' + self.namespace = namespace + self.verbose = verbose + self.kubeconfig = kubeconfig + + def replace(self, fname, force=False): + '''return all pods ''' + cmd = ['replace', '-f', fname] + if force: + cmd = ['replace', '--force', '-f', fname] + return self.oc_cmd(cmd) + + def create(self, fname): + '''return all pods ''' + return self.oc_cmd(['create', '-f', fname, '-n', self.namespace]) + + def delete(self, resource, rname): + '''return all pods ''' + return self.oc_cmd(['delete', resource, rname, '-n', self.namespace]) + + def get(self, resource, rname=None): + '''return a secret by name ''' + cmd = ['get', resource, '-o', 'json', '-n', self.namespace] + if rname: + cmd.append(rname) + + rval = self.oc_cmd(cmd, output=True) + + # Ensure results are retuned in an array + if rval.has_key('items'): + rval['results'] = rval['items'] + elif not isinstance(rval['results'], list): + rval['results'] = [rval['results']] + + return rval + + def oc_cmd(self, cmd, output=False): + '''Base command for oc ''' + #cmds = ['/usr/bin/oc', '--config', self.kubeconfig] + cmds = ['/usr/bin/oc'] + cmds.extend(cmd) + + results = '' + + if self.verbose: + print ' '.join(cmds) + + proc = subprocess.Popen(cmds, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + env={'KUBECONFIG': self.kubeconfig}) + proc.wait() + if proc.returncode == 0: + if output: + try: + results = json.loads(proc.stdout.read()) + except ValueError as err: + if "No JSON object could be decoded" in err.message: + results = err.message + + if self.verbose: + print proc.stderr.read() + print results + print + + return {"returncode": proc.returncode, "results": results} + + return {"returncode": proc.returncode, + "stderr": proc.stderr.read(), + "stdout": proc.stdout.read(), + "results": {} + } + +class Utils(object): + ''' utilities for openshiftcli modules ''' + @staticmethod + def create_file(rname, data, ftype=None): + ''' create a file in tmp with name and contents''' + path = os.path.join('/tmp', rname) + with open(path, 'w') as fds: + if ftype == 'yaml': + fds.write(yaml.dump(data, default_flow_style=False)) + + elif ftype == 'json': + fds.write(json.dumps(data)) + else: + fds.write(data) + + # Register cleanup when module is done + atexit.register(Utils.cleanup, [path]) + return path + + @staticmethod + def create_files_from_contents(data): + '''Turn an array of dict: filename, content into a files array''' + files = [] + + for sfile in data: + path = Utils.create_file(sfile['path'], sfile['content']) + files.append(path) + + return files + + @staticmethod + def cleanup(files): + '''Clean up on exit ''' + for sfile in files: + if os.path.exists(sfile): + if os.path.isdir(sfile): + shutil.rmtree(sfile) + elif os.path.isfile(sfile): + os.remove(sfile) + + + @staticmethod + def exists(results, _name): + ''' Check to see if the results include the name ''' + if not results: + return False + + + if Utils.find_result(results, _name): + return True + + return False + + @staticmethod + def find_result(results, _name): + ''' Find the specified result by name''' + rval = None + for result in results: + if result.has_key('metadata') and result['metadata']['name'] == _name: + rval = result + break + + return rval + + @staticmethod + def get_resource_file(sfile, sfile_type='yaml'): + ''' return the service file ''' + contents = None + with open(sfile) as sfd: + contents = sfd.read() + + if sfile_type == 'yaml': + contents = yaml.load(contents) + elif sfile_type == 'json': + contents = json.loads(contents) + + return contents + + # Disabling too-many-branches. This is a yaml dictionary comparison function + # pylint: disable=too-many-branches,too-many-return-statements + @staticmethod + def check_def_equal(user_def, result_def, debug=False): + ''' Given a user defined definition, compare it with the results given back by our query. ''' + + # Currently these values are autogenerated and we do not need to check them + skip = ['creationTimestamp', 'selfLink', 'resourceVersion', 'uid', 'namespace'] + + for key, value in result_def.items(): + if key in skip: + continue + + # Both are lists + if isinstance(value, list): + if not isinstance(user_def[key], list): + return False + + # lists should be identical + if value != user_def[key]: + return False + + # recurse on a dictionary + elif isinstance(value, dict): + if not isinstance(user_def[key], dict): + if debug: + print "dict returned false not instance of dict" + return False + + # before passing ensure keys match + api_values = set(value.keys()) - set(skip) + user_values = set(user_def[key].keys()) - set(skip) + if api_values != user_values: + if debug: + print api_values + print user_values + print "keys are not equal in dict" + return False + + result = Utils.check_def_equal(user_def[key], value, debug=debug) + if not result: + if debug: + print "dict returned false" + return False + + # Verify each key, value pair is the same + else: + if not user_def.has_key(key) or value != user_def[key]: + if debug: + print "value not equal; user_def does not have key" + print value + print user_def[key] + return False + + return True + +class Secret(OpenShiftCLI): + ''' Class to wrap the oc command line tools + ''' + def __init__(self, + namespace, + secret_name=None, + kubeconfig='/etc/origin/master/admin.kubeconfig', + verbose=False): + ''' Constructor for OpenshiftOC ''' + super(Secret, self).__init__(namespace, kubeconfig) + self.namespace = namespace + self.name = secret_name + self.kubeconfig = kubeconfig + self.verbose = verbose + + def get_secrets(self): + '''return a secret by name ''' + return self.get('secrets', self.name) + + def delete_secret(self): + '''return all pods ''' + return self.delete('secrets', self.name) + + def secret_new(self, files=None, contents=None): + '''Create a secret with all pods ''' + if not files: + files = Utils.create_files_from_contents(contents) + + secrets = ["%s=%s" % (os.path.basename(sfile), sfile) for sfile in files] + cmd = ['-n%s' % self.namespace, 'secrets', 'new', self.name] + cmd.extend(secrets) + + return self.oc_cmd(cmd) + + def update_secret(self, files, force=False): + '''run update secret + + This receives a list of file names and converts it into a secret. + The secret is then written to disk and passed into the `oc replace` command. + ''' + secret = self.prep_secret(files) + if secret['returncode'] != 0: + return secret + + sfile_path = '/tmp/%s' % self.name + with open(sfile_path, 'w') as sfd: + sfd.write(json.dumps(secret['results'])) + + atexit.register(Utils.cleanup, [sfile_path]) + + return self.replace(sfile_path, force=force) + + def prep_secret(self, files=None, contents=None): + ''' return what the secret would look like if created + This is accomplished by passing -ojson. This will most likely change in the future + ''' + if not files: + files = Utils.create_files_from_contents(contents) + + secrets = ["%s=%s" % (os.path.basename(sfile), sfile) for sfile in files] + cmd = ['-ojson', '-n%s' % self.namespace, 'secrets', 'new', self.name] + cmd.extend(secrets) + + return self.oc_cmd(cmd, output=True) + + + +# pylint: disable=too-many-branches +def main(): + ''' + ansible oc module for secrets + ''' + + module = AnsibleModule( + argument_spec=dict( + kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), + state=dict(default='present', type='str', + choices=['present', 'absent', 'list']), + debug=dict(default=False, type='bool'), + namespace=dict(default='default', type='str'), + name=dict(default=None, type='str'), + files=dict(default=None, type='list'), + delete_after=dict(default=False, type='bool'), + contents=dict(default=None, type='list'), + force=dict(default=False, type='bool'), + ), + mutually_exclusive=[["contents", "files"]], + + supports_check_mode=True, + ) + occmd = Secret(module.params['namespace'], + module.params['name'], + kubeconfig=module.params['kubeconfig'], + verbose=module.params['debug']) + + state = module.params['state'] + + api_rval = occmd.get_secrets() + + ##### + # Get + ##### + if state == 'list': + module.exit_json(changed=False, results=api_rval['results'], state="list") + + if not module.params['name']: + module.fail_json(msg='Please specify a name when state is absent|present.') + ######## + # Delete + ######## + if state == 'absent': + if not Utils.exists(api_rval['results'], module.params['name']): + module.exit_json(changed=False, state="absent") + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed a delete.') + + api_rval = occmd.delete_secret() + module.exit_json(changed=True, results=api_rval, state="absent") + + + if state == 'present': + if module.params['files']: + files = module.params['files'] + elif module.params['contents']: + files = Utils.create_files_from_contents(module.params['contents']) + else: + module.fail_json(msg='Either specify files or contents.') + + ######## + # Create + ######## + if not Utils.exists(api_rval['results'], module.params['name']): + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed a create.') + + api_rval = occmd.secret_new(module.params['files'], module.params['contents']) + + # Remove files + if files and module.params['delete_after']: + Utils.cleanup(files) + + module.exit_json(changed=True, results=api_rval, state="present") + + ######## + # Update + ######## + secret = occmd.prep_secret(module.params['files'], module.params['contents']) + + if secret['returncode'] != 0: + module.fail_json(msg=secret) + + if Utils.check_def_equal(secret['results'], api_rval['results'][0]): + + # Remove files + if files and module.params['delete_after']: + Utils.cleanup(files) + + module.exit_json(changed=False, results=secret['results'], state="present") + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed an update.') + + api_rval = occmd.update_secret(files, force=module.params['force']) + + # Remove files + if secret and module.params['delete_after']: + Utils.cleanup(files) + + if api_rval['returncode'] != 0: + module.fail_json(msg=api_rval) + + + module.exit_json(changed=True, results=api_rval, state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_openshift_api/library/oc_service.py b/roles/lib_openshift_api/library/oc_service.py new file mode 100644 index 000000000..e7bd2514e --- /dev/null +++ b/roles/lib_openshift_api/library/oc_service.py @@ -0,0 +1,378 @@ +#!/usr/bin/env python +''' + OpenShiftCLI class that wraps the oc commands in a subprocess +''' +import atexit +import json +import os +import shutil +import subprocess +import yaml + +class OpenShiftCLI(object): + ''' Class to wrap the oc command line tools ''' + def __init__(self, + namespace, + kubeconfig='/etc/origin/master/admin.kubeconfig', + verbose=False): + ''' Constructor for OpenshiftOC ''' + self.namespace = namespace + self.verbose = verbose + self.kubeconfig = kubeconfig + + def replace(self, fname, force=False): + '''return all pods ''' + cmd = ['replace', '-f', fname] + if force: + cmd = ['replace', '--force', '-f', fname] + return self.oc_cmd(cmd) + + def create(self, fname): + '''return all pods ''' + return self.oc_cmd(['create', '-f', fname, '-n', self.namespace]) + + def delete(self, resource, rname): + '''return all pods ''' + return self.oc_cmd(['delete', resource, rname, '-n', self.namespace]) + + def get(self, resource, rname=None): + '''return a secret by name ''' + cmd = ['get', resource, '-o', 'json', '-n', self.namespace] + if rname: + cmd.append(rname) + + rval = self.oc_cmd(cmd, output=True) + + # Ensure results are retuned in an array + if rval.has_key('items'): + rval['results'] = rval['items'] + elif not isinstance(rval['results'], list): + rval['results'] = [rval['results']] + + return rval + + def oc_cmd(self, cmd, output=False): + '''Base command for oc ''' + #cmds = ['/usr/bin/oc', '--config', self.kubeconfig] + cmds = ['/usr/bin/oc'] + cmds.extend(cmd) + + results = '' + + if self.verbose: + print ' '.join(cmds) + + proc = subprocess.Popen(cmds, + stdout=subprocess.PIPE, + stderr=subprocess.PIPE, + env={'KUBECONFIG': self.kubeconfig}) + proc.wait() + if proc.returncode == 0: + if output: + try: + results = json.loads(proc.stdout.read()) + except ValueError as err: + if "No JSON object could be decoded" in err.message: + results = err.message + + if self.verbose: + print proc.stderr.read() + print results + print + + return {"returncode": proc.returncode, "results": results} + + return {"returncode": proc.returncode, + "stderr": proc.stderr.read(), + "stdout": proc.stdout.read(), + "results": {} + } + +class Utils(object): + ''' utilities for openshiftcli modules ''' + @staticmethod + def create_file(rname, data, ftype=None): + ''' create a file in tmp with name and contents''' + path = os.path.join('/tmp', rname) + with open(path, 'w') as fds: + if ftype == 'yaml': + fds.write(yaml.dump(data, default_flow_style=False)) + + elif ftype == 'json': + fds.write(json.dumps(data)) + else: + fds.write(data) + + # Register cleanup when module is done + atexit.register(Utils.cleanup, [path]) + return path + + @staticmethod + def create_files_from_contents(data): + '''Turn an array of dict: filename, content into a files array''' + files = [] + + for sfile in data: + path = Utils.create_file(sfile['path'], sfile['content']) + files.append(path) + + return files + + @staticmethod + def cleanup(files): + '''Clean up on exit ''' + for sfile in files: + if os.path.exists(sfile): + if os.path.isdir(sfile): + shutil.rmtree(sfile) + elif os.path.isfile(sfile): + os.remove(sfile) + + + @staticmethod + def exists(results, _name): + ''' Check to see if the results include the name ''' + if not results: + return False + + + if Utils.find_result(results, _name): + return True + + return False + + @staticmethod + def find_result(results, _name): + ''' Find the specified result by name''' + rval = None + for result in results: + if result.has_key('metadata') and result['metadata']['name'] == _name: + rval = result + break + + return rval + + @staticmethod + def get_resource_file(sfile, sfile_type='yaml'): + ''' return the service file ''' + contents = None + with open(sfile) as sfd: + contents = sfd.read() + + if sfile_type == 'yaml': + contents = yaml.load(contents) + elif sfile_type == 'json': + contents = json.loads(contents) + + return contents + + # Disabling too-many-branches. This is a yaml dictionary comparison function + # pylint: disable=too-many-branches,too-many-return-statements + @staticmethod + def check_def_equal(user_def, result_def, debug=False): + ''' Given a user defined definition, compare it with the results given back by our query. ''' + + # Currently these values are autogenerated and we do not need to check them + skip = ['creationTimestamp', 'selfLink', 'resourceVersion', 'uid', 'namespace'] + + for key, value in result_def.items(): + if key in skip: + continue + + # Both are lists + if isinstance(value, list): + if not isinstance(user_def[key], list): + return False + + # lists should be identical + if value != user_def[key]: + return False + + # recurse on a dictionary + elif isinstance(value, dict): + if not isinstance(user_def[key], dict): + if debug: + print "dict returned false not instance of dict" + return False + + # before passing ensure keys match + api_values = set(value.keys()) - set(skip) + user_values = set(user_def[key].keys()) - set(skip) + if api_values != user_values: + if debug: + print api_values + print user_values + print "keys are not equal in dict" + return False + + result = Utils.check_def_equal(user_def[key], value, debug=debug) + if not result: + if debug: + print "dict returned false" + return False + + # Verify each key, value pair is the same + else: + if not user_def.has_key(key) or value != user_def[key]: + if debug: + print "value not equal; user_def does not have key" + print value + print user_def[key] + return False + + return True + +class Service(OpenShiftCLI): + ''' Class to wrap the oc command line tools + ''' + def __init__(self, + namespace, + service_name=None, + kubeconfig='/etc/origin/master/admin.kubeconfig', + verbose=False): + ''' Constructor for OpenshiftOC ''' + super(Service, self).__init__(namespace, kubeconfig) + self.namespace = namespace + self.name = service_name + self.verbose = verbose + self.kubeconfig = kubeconfig + + def create_service(self, sfile): + ''' create the service ''' + return self.create(sfile) + + def get_services(self): + '''return a secret by name ''' + return self.get('services', self.name) + + def delete_service(self): + '''return all pods ''' + return self.delete('service', self.name) + + def update_service(self, sfile, force=False): + '''run update service + + This receives a list of file names and converts it into a secret. + The secret is then written to disk and passed into the `oc replace` command. + ''' + return self.replace(sfile, force=force) + + +# pylint: disable=too-many-branches +def main(): + ''' + ansible oc module for services + ''' + + module = AnsibleModule( + argument_spec=dict( + kubeconfig=dict(default='/etc/origin/master/admin.kubeconfig', type='str'), + state=dict(default='present', type='str', + choices=['present', 'absent', 'list']), + debug=dict(default=False, type='bool'), + namespace=dict(default='default', type='str'), + name=dict(default=None, type='str'), + service_file=dict(default=None, type='str'), + input_type=dict(default='yaml', + choices=['json', 'yaml'], + type='str'), + delete_after=dict(default=False, type='bool'), + contents=dict(default=None, type='list'), + force=dict(default=False, type='bool'), + ), + mutually_exclusive=[["contents", "service_file"]], + + supports_check_mode=True, + ) + occmd = Service(module.params['namespace'], + module.params['name'], + kubeconfig=module.params['kubeconfig'], + verbose=module.params['debug']) + + state = module.params['state'] + + api_rval = occmd.get_services() + + ##### + # Get + ##### + if state == 'list': + module.exit_json(changed=False, results=api_rval['results'], state="list") + + if not module.params['name']: + module.fail_json(msg='Please specify a name when state is absent|present.') + ######## + # Delete + ######## + if state == 'absent': + if not Utils.exists(api_rval['results'], module.params['name']): + module.exit_json(changed=False, state="absent") + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed a delete.') + + api_rval = occmd.delete_service() + module.exit_json(changed=True, results=api_rval, state="absent") + + + if state == 'present': + if module.params['service_file']: + sfile = module.params['service_file'] + elif module.params['contents']: + sfile = Utils.create_files_from_contents(module.params['contents']) + else: + module.fail_json(msg='Either specify files or contents.') + + ######## + # Create + ######## + if not Utils.exists(api_rval['results'], module.params['name']): + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed a create.') + + api_rval = occmd.create_service(sfile) + + # Remove files + if sfile and module.params['delete_after']: + Utils.cleanup([sfile]) + + module.exit_json(changed=True, results=api_rval, state="present") + + ######## + # Update + ######## + sfile_contents = Utils.get_resource_file(sfile, module.params['input_type']) + if Utils.check_def_equal(sfile_contents, api_rval['results'][0]): + + # Remove files + if module.params['service_file'] and module.params['delete_after']: + Utils.cleanup([sfile]) + + module.exit_json(changed=False, results=api_rval['results'][0], state="present") + + if module.check_mode: + module.exit_json(change=False, msg='Would have performed an update.') + + api_rval = occmd.update_service(sfile, force=module.params['force']) + + # Remove files + if sfile and module.params['delete_after']: + Utils.cleanup([sfile]) + + if api_rval['returncode'] != 0: + module.fail_json(msg=api_rval) + + + module.exit_json(changed=True, results=api_rval, state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/lib_yaml_editor/library/yedit.py b/roles/lib_yaml_editor/library/yedit.py new file mode 100644 index 000000000..9b565d0c7 --- /dev/null +++ b/roles/lib_yaml_editor/library/yedit.py @@ -0,0 +1,220 @@ +#!/usr/bin/env python +''' +module for openshift cloud secrets +''' + +import os +import yaml + +class YeditException(Exception): + ''' Exception class for Yedit ''' + pass + +class Yedit(object): + ''' Class to modify yaml files ''' + + def __init__(self, filename): + self.filename = filename + self.__yaml_dict = None + self.get() + + @property + def yaml_dict(self): + ''' getter method for yaml_dict ''' + return self.__yaml_dict + + @yaml_dict.setter + def yaml_dict(self, value): + ''' setter method for yaml_dict ''' + self.__yaml_dict = value + + @staticmethod + def remove_entry(data, keys): + ''' remove an item from a dictionary with key notation a.b.c + d = {'a': {'b': 'c'}}} + keys = a.b + item = c + ''' + if "." in keys: + key, rest = keys.split(".", 1) + if key in data.keys(): + Yedit.remove_entry(data[key], rest) + else: + del data[keys] + + @staticmethod + def add_entry(data, keys, item): + ''' Add an item to a dictionary with key notation a.b.c + d = {'a': {'b': 'c'}}} + keys = a.b + item = c + ''' + if "." in keys: + key, rest = keys.split(".", 1) + if key not in data: + data[key] = {} + + if not isinstance(data, dict): + raise YeditException('Invalid add_entry called on a [%s] of type [%s].' % (data, type(data))) + else: + Yedit.add_entry(data[key], rest, item) + + else: + data[keys] = item + + + @staticmethod + def get_entry(data, keys): + ''' Get an item from a dictionary with key notation a.b.c + d = {'a': {'b': 'c'}}} + keys = a.b + return c + ''' + if keys and "." in keys: + key, rest = keys.split(".", 1) + if not isinstance(data[key], dict): + raise YeditException('Invalid get_entry called on a [%s] of type [%s].' % (data, type(data))) + + else: + return Yedit.get_entry(data[key], rest) + + else: + return data.get(keys, None) + + + def write(self): + ''' write to file ''' + with open(self.filename, 'w') as yfd: + yfd.write(yaml.dump(self.yaml_dict, default_flow_style=False)) + + def read(self): + ''' write to file ''' + # check if it exists + if not self.exists(): + return None + + contents = None + with open(self.filename) as yfd: + contents = yfd.read() + + return contents + + def exists(self): + ''' return whether file exists ''' + if os.path.exists(self.filename): + return True + + return False + def get(self): + ''' return yaml file ''' + contents = self.read() + + if not contents: + return None + + # check if it is yaml + try: + self.yaml_dict = yaml.load(contents) + except yaml.YAMLError as _: + # Error loading yaml + return None + + return self.yaml_dict + + def delete(self, key): + ''' put key, value into a yaml file ''' + try: + entry = Yedit.get_entry(self.yaml_dict, key) + except KeyError as _: + entry = None + if not entry: + return (False, self.yaml_dict) + + Yedit.remove_entry(self.yaml_dict, key) + self.write() + return (True, self.get()) + + def put(self, key, value): + ''' put key, value into a yaml file ''' + try: + entry = Yedit.get_entry(self.yaml_dict, key) + except KeyError as _: + entry = None + + if entry == value: + return (False, self.yaml_dict) + + Yedit.add_entry(self.yaml_dict, key, value) + self.write() + return (True, self.get()) + + def create(self, key, value): + ''' create the file ''' + if not self.exists(): + self.yaml_dict = {key: value} + self.write() + return (True, self.get()) + + return (False, self.get()) + + +def main(): + ''' + ansible oc module for secrets + ''' + + module = AnsibleModule( + argument_spec=dict( + state=dict(default='present', type='str', + choices=['present', 'absent', 'list']), + debug=dict(default=False, type='bool'), + + src=dict(default=None, type='str'), + key=dict(default=None, type='str'), + value=dict(default=None, type='str'), + value_format=dict(default='yaml', choices=['yaml', 'json'], type='str'), + ), + mutually_exclusive=[["contents", "files"]], + + supports_check_mode=True, + ) + state = module.params['state'] + + yamlfile = Yedit(module.params['src']) + + rval = yamlfile.get() + if not rval and state != 'present': + module.fail_json(msg='Error opening file [%s]. Verify that the' + \ + ' file exists, that it is has correct permissions, and is valid yaml.') + + if state == 'list': + module.exit_json(changed=False, results=rval, state="list") + + if state == 'absent': + rval = yamlfile.delete(module.params['key']) + module.exit_json(changed=rval[0], results=rval[1], state="absent") + + if state == 'present': + + if module.params['value_format'] == 'yaml': + value = yaml.load(module.params['value']) + elif module.params['value_format'] == 'json': + value = json.loads(module.params['value']) + + if rval: + rval = yamlfile.put(module.params['key'], value) + module.exit_json(changed=rval[0], results=rval[1], state="present") + + rval = yamlfile.create(module.params['key'], value) + module.exit_json(changed=rval[0], results=rval[1], state="present") + + module.exit_json(failed=True, + changed=False, + results='Unknown state passed. %s' % state, + state="unknown") + +# pylint: disable=redefined-builtin, unused-wildcard-import, wildcard-import, locally-disabled +# import module snippets. This are required +from ansible.module_utils.basic import * + +main() diff --git a/roles/nuage_master/templates/nuage-openshift-monitor.j2 b/roles/nuage_master/templates/nuage-openshift-monitor.j2 index e50e225e1..7228e646b 100644 --- a/roles/nuage_master/templates/nuage-openshift-monitor.j2 +++ b/roles/nuage_master/templates/nuage-openshift-monitor.j2 @@ -18,6 +18,10 @@ domainName: {{ domain }} # Location where logs should be saved log_dir: {{ nuage_mon_rest_server_logdir }} # Monitor rest server paramters +# Logging level for the nuage openshift monitor +# allowed options are: 0 => INFO, 1 => WARNING, 2 => ERROR, 3 => FATAL +logLevel: {{ nuage_mon_log_level }} +# Parameters related to the nuage monitor REST server nuageMonServer: URL: {{ nuage_mon_rest_server_url }} certificateDirectory: {{ cert_output_dir }} diff --git a/roles/nuage_master/vars/main.yaml b/roles/nuage_master/vars/main.yaml index 4b57273e4..ec4562c77 100644 --- a/roles/nuage_master/vars/main.yaml +++ b/roles/nuage_master/vars/main.yaml @@ -8,6 +8,7 @@ master_config_yaml: "{{ openshift_master_config_dir }}/master-config.yaml" nuage_mon_rest_server_port: "{{ nuage_openshift_monitor_rest_server_port | default('9443') }}" nuage_mon_rest_server_url: "0.0.0.0:{{ nuage_mon_rest_server_port }}" nuage_mon_rest_server_logdir: "{{ nuage_openshift_monitor_log_dir | default('/var/log/nuage-openshift-monitor') }}" +nuage_mon_log_level: "{{ nuage_openshift_monitor_log_level | default('3') }}" nuage_mon_rest_server_crt_dir: "{{ nuage_ca_master_crt_dir }}/{{ ansible_nodename }}" nuage_ca_master_rest_server_key: "{{ nuage_mon_rest_server_crt_dir }}/nuageMonServer.key" diff --git a/roles/nuage_node/templates/vsp-openshift.j2 b/roles/nuage_node/templates/vsp-openshift.j2 index 6c10b9c24..d3c0a122a 100644 --- a/roles/nuage_node/templates/vsp-openshift.j2 +++ b/roles/nuage_node/templates/vsp-openshift.j2 @@ -22,3 +22,6 @@ nuageMonClientKey: {{ rest_client_key }} nuageMonServerCA: {{ rest_server_ca_cert }} # Nuage vport mtu size interfaceMTU: {{ vport_mtu }} +# Logging level for the plugin +# allowed options are: "dbg", "info", "warn", "err", "emer", "off" +logLevel: {{ plugin_log_level }} diff --git a/roles/nuage_node/vars/main.yaml b/roles/nuage_node/vars/main.yaml index 5acc65ef4..a4d7052a7 100644 --- a/roles/nuage_node/vars/main.yaml +++ b/roles/nuage_node/vars/main.yaml @@ -13,6 +13,7 @@ rest_client_cert: "{{ vsp_openshift_dir }}/nuageMonClient.crt" rest_client_key: "{{ vsp_openshift_dir }}/nuageMonClient.key" rest_server_ca_cert: "{{ vsp_openshift_dir }}/nuageMonCA.crt" vport_mtu: "{{ nuage_interface_mtu | default('1460') }}" +plugin_log_level: "{{ nuage_plugin_log_level | default('err') }}" nuage_plugin_rest_client_crt_dir: "{{ nuage_ca_master_crt_dir }}/{{ ansible_nodename }}" nuage_ca_master_plugin_key: "{{ nuage_plugin_rest_client_crt_dir }}/nuageMonClient.key" diff --git a/roles/openshift_cli/meta/main.yml b/roles/openshift_cli/meta/main.yml index 1e8f8b719..62de120c6 100644 --- a/roles/openshift_cli/meta/main.yml +++ b/roles/openshift_cli/meta/main.yml @@ -12,5 +12,6 @@ galaxy_info: categories: - cloud dependencies: -- { role: openshift_common } -- { role: docker } +- role: openshift_common +- role: openshift_docker + when: openshift.common.is_containerized | bool diff --git a/roles/openshift_cli/tasks/main.yml b/roles/openshift_cli/tasks/main.yml index 3b224416e..e82903b81 100644 --- a/roles/openshift_cli/tasks/main.yml +++ b/roles/openshift_cli/tasks/main.yml @@ -1,10 +1,10 @@ --- +# TODO: move this to a new 'cli' role - openshift_facts: role: common local_facts: - deployment_type: "{{ openshift_deployment_type }}" cli_image: "{{ osm_image | default(None) }}" - + - name: Install clients action: "{{ ansible_pkg_mgr }} name={{ openshift.common.service_type }}-clients state=present" when: not openshift.common.is_containerized | bool @@ -13,16 +13,16 @@ command: > docker pull {{ openshift.common.cli_image }}:{{ openshift_version }} when: openshift.common.is_containerized | bool - + - name: Create /usr/local/bin/openshift cli wrapper template: src: openshift.j2 dest: /usr/local/bin/openshift mode: 0755 when: openshift.common.is_containerized | bool - + - name: Create client symlinks - file: + file: path: "{{ item }}" state: link src: /usr/local/bin/openshift diff --git a/roles/openshift_cloud_provider/defaults/main.yml b/roles/openshift_cloud_provider/defaults/main.yml new file mode 100644 index 000000000..6c7403232 --- /dev/null +++ b/roles/openshift_cloud_provider/defaults/main.yml @@ -0,0 +1,7 @@ +--- +ocp_os_auth_url: "{{ lookup('env', 'OS_AUTH_URL') }}" +ocp_os_username: "{{ lookup('env', 'OS_USERNAME') }}" +ocp_os_password: "{{ lookup('env', 'OS_PASSWORD') }}" +ocp_os_tenant_id: "{{ lookup('env', 'OS_TENANT_ID') }}" +ocp_os_tenant_name: "{{ lookup('env', 'OS_TENANT_NAME') }}" +ocp_os_region: "{{ lookup('env', 'OS_REGION_NAME') }}" diff --git a/roles/openshift_cloud_provider/tasks/main.yml b/roles/openshift_cloud_provider/tasks/main.yml new file mode 100644 index 000000000..e14f944e8 --- /dev/null +++ b/roles/openshift_cloud_provider/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- include: openstack.yml + when: "openshift_cloud_provider is defined and openshift_cloud_provider == 'openstack' and 'provider' in openshift and openshift.provider.name == 'openstack'" diff --git a/roles/openshift_cloud_provider/tasks/openstack.yml b/roles/openshift_cloud_provider/tasks/openstack.yml new file mode 100644 index 000000000..a56f1891a --- /dev/null +++ b/roles/openshift_cloud_provider/tasks/openstack.yml @@ -0,0 +1,9 @@ +- fail: + msg: "The Openstack integration requires OpenShift Enterprise 3.2 or Origin 1.2." + when: not openshift.common.version_gte_3_2_or_1_2 | bool + +- name: Create /etc/cloud.conf + template: + dest: /etc/cloud.conf + src: openstack/cloud.conf.j2 + when: ocp_os_auth_url and ocp_os_username and ocp_os_password and (ocp_os_tenant_id or ocp_os_tenant_name)
\ No newline at end of file diff --git a/roles/openshift_cloud_provider/templates/openstack/cloud.conf.j2 b/roles/openshift_cloud_provider/templates/openstack/cloud.conf.j2 new file mode 100644 index 000000000..388f3a735 --- /dev/null +++ b/roles/openshift_cloud_provider/templates/openstack/cloud.conf.j2 @@ -0,0 +1,17 @@ +[Global] +auth-url = {{ ocp_os_auth_url }} +username = {{ ocp_os_username }} +password = {{ ocp_os_password }} +{% if ocp_os_tenant_id %} +tenant-id = {{ ocp_os_tenant_id }} +{% else %} +tenant-name = {{ ocp_os_tenant_name }} +{% endif %} +{% if ocp_os_region %} +region = {{ ocp_os_region }} +{% endif %} +{% if ocp_os_lb_subnet_id is defined %} ++ ++[LoadBalancer] ++subnet-id = {{ ocp_os_lb_subnet_id }} ++{% endif %}
\ No newline at end of file diff --git a/roles/openshift_common/meta/main.yml b/roles/openshift_common/meta/main.yml index 81363ec68..d879db0aa 100644 --- a/roles/openshift_common/meta/main.yml +++ b/roles/openshift_common/meta/main.yml @@ -15,3 +15,4 @@ dependencies: - { role: os_firewall } - { role: openshift_facts } - { role: openshift_repos } +- { role: openshift_cloud_provider } diff --git a/roles/openshift_common/tasks/main.yml b/roles/openshift_common/tasks/main.yml index a2fcff507..541efe27a 100644 --- a/roles/openshift_common/tasks/main.yml +++ b/roles/openshift_common/tasks/main.yml @@ -19,16 +19,10 @@ openshift_facts: role: common local_facts: - cluster_id: "{{ openshift_cluster_id | default('default') }}" debug_level: "{{ openshift_debug_level | default(2) }}" - hostname: "{{ openshift_hostname | default(None) }}" install_examples: "{{ openshift_install_examples | default(True) }}" - ip: "{{ openshift_ip | default(None) }}" - public_hostname: "{{ openshift_public_hostname | default(None) }}" - public_ip: "{{ openshift_public_ip | default(None) }}" use_openshift_sdn: "{{ openshift_use_openshift_sdn | default(None) }}" sdn_network_plugin_name: "{{ os_sdn_network_plugin_name | default(None) }}" - deployment_type: "{{ openshift_deployment_type }}" use_flannel: "{{ openshift_use_flannel | default(None) }}" use_nuage: "{{ openshift_use_nuage | default(None) }}" use_manageiq: "{{ openshift_use_manageiq | default(None) }}" diff --git a/roles/openshift_docker/handlers/main.yml b/roles/openshift_docker/handlers/main.yml deleted file mode 100644 index 92a6c325f..000000000 --- a/roles/openshift_docker/handlers/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- - -- name: restart openshift_docker - service: - name: docker - state: restarted diff --git a/roles/openshift_docker/meta/main.yml b/roles/openshift_docker/meta/main.yml index 1e8f8b719..60efd4e45 100644 --- a/roles/openshift_docker/meta/main.yml +++ b/roles/openshift_docker/meta/main.yml @@ -12,5 +12,5 @@ galaxy_info: categories: - cloud dependencies: -- { role: openshift_common } -- { role: docker } +- role: openshift_docker_facts +- role: docker diff --git a/roles/openshift_docker/tasks/main.yml b/roles/openshift_docker/tasks/main.yml deleted file mode 100644 index a57cf815e..000000000 --- a/roles/openshift_docker/tasks/main.yml +++ /dev/null @@ -1,55 +0,0 @@ ---- -- name: Set docker facts - openshift_facts: - role: "{{ item.role }}" - local_facts: "{{ item.local_facts }}" - with_items: - - role: common - local_facts: - deployment_type: "{{ openshift_deployment_type }}" - docker_additional_registries: "{{ docker_additional_registries }}" - docker_insecure_registries: "{{ docker_insecure_registries }}" - docker_blocked_registries: "{{ docker_blocked_registries }}" - docker_options: "{{ openshift_docker_options | default('',True) }}" - - role: node - local_facts: - portal_net: "{{ openshift_master_portal_net | default(None) }}" - docker_log_driver: "{{ lookup( 'oo_option' , 'docker_log_driver' ) | default('',True) }}" - docker_log_options: "{{ lookup( 'oo_option' , 'docker_log_options' ) | default('',True) }}" - -- stat: path=/etc/sysconfig/docker - register: docker_check - -- name: Set registry params - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^{{ item.reg_conf_var }}=.*$' - line: "{{ item.reg_conf_var }}='{{ item.reg_fact_val | oo_prepend_strings_in_list(item.reg_flag ~ ' ') | join(' ') }}'" - when: "'docker_additional_registries' in openshift.common and docker_check.stat.isreg" - with_items: - - reg_conf_var: ADD_REGISTRY - reg_fact_val: "{{ openshift.common.docker_additional_registries }}" - reg_flag: --add-registry - - reg_conf_var: BLOCK_REGISTRY - reg_fact_val: "{{ openshift.common.docker_blocked_registries }}" - reg_flag: --block-registry - - reg_conf_var: INSECURE_REGISTRY - reg_fact_val: "{{ openshift.common.docker_insecure_registries }}" - reg_flag: --insecure-registry - notify: - - restart openshift_docker - -# TODO: Enable secure registry when code available in origin -# TODO: perhaps move this to openshift_docker? -- name: Secure Registry and Logs Options - lineinfile: - dest: /etc/sysconfig/docker - regexp: '^OPTIONS=.*$' - line: "OPTIONS='--insecure-registry={{ openshift.node.portal_net }}\ - {% if ansible_selinux and ansible_selinux.status == '''enabled''' %} --selinux-enabled{% endif %}\ - {% if openshift.node.docker_log_driver is defined %} --log-driver {{ openshift.node.docker_log_driver }}{% endif %}\ - {% if openshift.node.docker_log_options is defined %} {{ openshift.node.docker_log_options | oo_split() | oo_prepend_strings_in_list('--log-opt ') | join(' ')}}{% endif %}\ - {% if openshift.common.docker_options is defined %} {{ openshift.common.docker_options }}{% endif %}'" - when: docker_check.stat.isreg - notify: - - restart openshift_docker diff --git a/roles/openshift_docker_facts/meta/main.yml b/roles/openshift_docker_facts/meta/main.yml new file mode 100644 index 000000000..5b1be7a8d --- /dev/null +++ b/roles/openshift_docker_facts/meta/main.yml @@ -0,0 +1,15 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: OpenShift Docker Facts + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- { role: openshift_facts } diff --git a/roles/openshift_docker_facts/tasks/main.yml b/roles/openshift_docker_facts/tasks/main.yml new file mode 100644 index 000000000..26b46aa94 --- /dev/null +++ b/roles/openshift_docker_facts/tasks/main.yml @@ -0,0 +1,39 @@ +--- +- name: Set docker facts + openshift_facts: + role: "{{ item.role }}" + local_facts: "{{ item.local_facts }}" + with_items: + - role: docker + local_facts: + additional_registries: "{{ openshift_docker_additional_registries | default(None) }}" + blocked_registries: "{{ openshift_docker_blocked_registries | default(None) }}" + insecure_registries: "{{ openshift_docker_insecure_registries | default(None) }}" + log_driver: "{{ openshift_docker_log_driver | default(None) }}" + log_options: "{{ openshift_docker_log_options | default(None) }}" + options: "{{ openshift_docker_options | default(None) }}" + disable_push_dockerhub: "{{ openshift_disable_push_dockerhub | default(None) }}" + hosted_registry_insecure: "{{ openshift_docker_hosted_registry_insecure | default(None) }}" + hosted_registry_network: "{{ openshift_docker_hosted_registry_network | default(None) }}" + +- set_fact: + docker_additional_registries: "{{ openshift.docker.additional_registries + | default(omit) }}" + docker_blocked_registries: "{{ openshift.docker.blocked_registries + | default(omit) }}" + docker_insecure_registries: "{{ openshift.docker.insecure_registries + | default(omit) }}" + docker_log_driver: "{{ openshift.docker.log_driver | default(omit) }}" + docker_log_options: "{{ openshift.docker.log_options | default(omit) }}" + docker_push_dockerhub: "{{ openshift.docker.disable_push_dockerhub + | default(omit) }}" + +- set_fact: + docker_options: > + --insecure-registry={{ openshift.docker.hosted_registry_network }} + {{ openshift.docker.options | default ('') }} + when: openshift.docker.hosted_registry_insecure | default(False) | bool + +- set_fact: + docker_options: "{{ openshift.docker.options | default(omit) }}" + when: not openshift.docker.hosted_registry_insecure | default(False) | bool diff --git a/roles/openshift_etcd/meta/main.yml b/roles/openshift_etcd/meta/main.yml new file mode 100644 index 000000000..5e5f96d44 --- /dev/null +++ b/roles/openshift_etcd/meta/main.yml @@ -0,0 +1,18 @@ +--- +galaxy_info: + author: Jason DeTiberus + description: OpenShift etcd + company: Red Hat, Inc. + license: Apache License, Version 2.0 + min_ansible_version: 1.9 + platforms: + - name: EL + versions: + - 7 + categories: + - cloud +dependencies: +- role: openshift_facts +- role: openshift_docker + when: openshift.common.is_containerized | bool +- role: etcd diff --git a/roles/openshift_examples/defaults/main.yml b/roles/openshift_examples/defaults/main.yml index ad21d0f09..976ff7702 100644 --- a/roles/openshift_examples/defaults/main.yml +++ b/roles/openshift_examples/defaults/main.yml @@ -8,7 +8,7 @@ openshift_examples_load_quickstarts: true content_version: "{{ openshift.common.examples_content_version }}" -examples_base: "{{ openshift.common.config_base if openshift.common.is_containerized else '/usr/share/openshift' }}/examples" +examples_base: "{{ openshift.common.config_base if openshift.common.is_containerized | bool else '/usr/share/openshift' }}/examples" image_streams_base: "{{ examples_base }}/image-streams" centos_image_streams: "{{ image_streams_base}}/image-streams-centos7.json" rhel_image_streams: "{{ image_streams_base}}/image-streams-rhel7.json" diff --git a/roles/openshift_examples/examples-sync.sh b/roles/openshift_examples/examples-sync.sh index 22cef303b..6108a1485 100755 --- a/roles/openshift_examples/examples-sync.sh +++ b/roles/openshift_examples/examples-sync.sh @@ -6,7 +6,7 @@ # This script should be run from openshift-ansible/roles/openshift_examples XPAAS_VERSION=ose-v1.2.0-1 -ORIGIN_VERSION=v1.2 +ORIGIN_VERSION=${1:-v1.2} EXAMPLES_BASE=$(pwd)/files/examples/${ORIGIN_VERSION} find ${EXAMPLES_BASE} -name '*.json' -delete find ${EXAMPLES_BASE} -name '*.yaml' -delete diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json index 68438b538..fe9effc19 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-ephemeral-template.json @@ -48,8 +48,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -87,19 +86,26 @@ { "name": "mongodb", "image": "mongodb", - "readinessProbe": { - "tcpSocket":{ - "port": 27017 - }, - "initialDelaySeconds": 15, - "timeoutSeconds": 1 - }, "ports": [ { "containerPort": 27017, "protocol": "TCP" } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 3, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "mongostat --host 127.0.0.1 -u admin -p $MONGODB_ADMIN_PASSWORD -n 1 --noheaders"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 27017 + } + }, "env": [ { "name": "MONGODB_USER", @@ -118,7 +124,11 @@ "value": "${MONGODB_ADMIN_PASSWORD}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${DATABASE_SERVICE_NAME}-data", @@ -152,13 +162,21 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database service name", + "description": "The name of the OpenShift Service exposed for the database", "value": "mongodb", "required": true }, { "name": "MONGODB_USER", + "displayName": "MongoDB user", "description": "Username for MongoDB user that will be used for accessing the database", "generate": "expression", "from": "user[A-Z0-9]{3}", @@ -166,6 +184,7 @@ }, { "name": "MONGODB_PASSWORD", + "displayName": "MongoDB password", "description": "Password for the MongoDB user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", @@ -173,12 +192,14 @@ }, { "name": "MONGODB_DATABASE", - "description": "Database name", + "displayName": "MongoDB database name", + "description": "Name of the MongoDB database accessed", "value": "sampledb", "required": true }, { "name": "MONGODB_ADMIN_PASSWORD", + "displayName": "MongoDB admin password", "description": "Password for the database admin user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json index e90ed6fa8..ab37e7a3a 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mongodb-persistent-template.json @@ -65,8 +65,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -104,19 +103,26 @@ { "name": "mongodb", "image": "mongodb", - "readinessProbe": { - "tcpSocket":{ - "port": 27017 - }, - "initialDelaySeconds": 15, - "timeoutSeconds": 1 - }, "ports": [ { "containerPort": 27017, "protocol": "TCP" } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 3, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "mongostat --host 127.0.0.1 -u admin -p $MONGODB_ADMIN_PASSWORD -n 1 --noheaders"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 27017 + } + }, "env": [ { "name": "MONGODB_USER", @@ -135,7 +141,11 @@ "value": "${MONGODB_ADMIN_PASSWORD}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${DATABASE_SERVICE_NAME}-data", @@ -169,13 +179,21 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database service name", + "description": "The name of the OpenShift Service exposed for the database", "value": "mongodb", "required": true }, { "name": "MONGODB_USER", + "displayName": "MongoDB user", "description": "Username for MongoDB user that will be used for accessing the database", "generate": "expression", "from": "user[A-Z0-9]{3}", @@ -183,6 +201,7 @@ }, { "name": "MONGODB_PASSWORD", + "displayName": "MongoDB password", "description": "Password for the MongoDB user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", @@ -190,12 +209,14 @@ }, { "name": "MONGODB_DATABASE", - "description": "Database name", + "displayName": "MongoDB database name", + "description": "Name of the MongoDB database accessed", "value": "sampledb", "required": true }, { "name": "MONGODB_ADMIN_PASSWORD", + "displayName": "MongoDB admin password", "description": "Password for the database admin user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", @@ -203,6 +224,7 @@ }, { "name": "VOLUME_CAPACITY", + "displayName": "Volume capacity", "description": "Volume space available for data, e.g. 512Mi, 2Gi", "value": "512Mi", "required": true diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json index 84911d2d6..2c28db746 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-ephemeral-template.json @@ -48,8 +48,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -93,6 +92,21 @@ "protocol": "TCP" } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", + "MYSQL_PWD='$MYSQL_PASSWORD' mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + } + }, "env": [ { "name": "MYSQL_USER", @@ -107,7 +121,11 @@ "value": "${MYSQL_DATABASE}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${DATABASE_SERVICE_NAME}-data", @@ -141,13 +159,21 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database service name", + "description": "The name of the OpenShift Service exposed for the database", "value": "mysql", "required": true }, { "name": "MYSQL_USER", + "displayName": "MySQL user", "description": "Username for MySQL user that will be used for accessing the database", "generate": "expression", "from": "user[A-Z0-9]{3}", @@ -155,6 +181,7 @@ }, { "name": "MYSQL_PASSWORD", + "displayName": "MySQL password", "description": "Password for the MySQL user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", @@ -162,7 +189,8 @@ }, { "name": "MYSQL_DATABASE", - "description": "Database name", + "displayName": "MySQL database name", + "description": "Name of the MySQL database accessed", "value": "sampledb", "required": true } diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-persistent-template.json index 6e19f48f5..94199b6fe 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/mysql-persistent-template.json @@ -65,8 +65,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -110,6 +109,21 @@ "protocol": "TCP" } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", + "MYSQL_PWD='$MYSQL_PASSWORD' mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + } + }, "env": [ { "name": "MYSQL_USER", @@ -124,7 +138,11 @@ "value": "${MYSQL_DATABASE}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${DATABASE_SERVICE_NAME}-data", @@ -158,13 +176,21 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database service name", + "description": "The name of the OpenShift Service exposed for the database", "value": "mysql", "required": true }, { "name": "MYSQL_USER", + "displayName": "MySQL user", "description": "Username for MySQL user that will be used for accessing the database", "generate": "expression", "from": "user[A-Z0-9]{3}", @@ -172,6 +198,7 @@ }, { "name": "MYSQL_PASSWORD", + "displayName": "MySQL password", "description": "Password for the MySQL user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", @@ -179,12 +206,14 @@ }, { "name": "MYSQL_DATABASE", - "description": "Database name", + "displayName": "MySQL database name", + "description": "Name of the MySQL database accessed", "value": "sampledb", "required": true }, { "name": "VOLUME_CAPACITY", + "displayName": "Volume capacity", "description": "Volume space available for data, e.g. 512Mi, 2Gi", "value": "512Mi", "required": true diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json index 9ee9364a9..da548c591 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-ephemeral-template.json @@ -48,8 +48,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -93,6 +92,20 @@ "protocol": "TCP" } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 5432 + } + }, "env": [ { "name": "POSTGRESQL_USER", @@ -107,7 +120,11 @@ "value": "${POSTGRESQL_DATABASE}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${DATABASE_SERVICE_NAME}-data", @@ -141,13 +158,21 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database service name", + "description": "The name of the OpenShift Service exposed for the database", "value": "postgresql", "required": true }, { "name": "POSTGRESQL_USER", + "displayName": "PostgreSQL user", "description": "Username for PostgreSQL user that will be used for accessing the database", "generate": "expression", "from": "user[A-Z0-9]{3}", @@ -155,6 +180,7 @@ }, { "name": "POSTGRESQL_PASSWORD", + "displayName": "PostgreSQL password", "description": "Password for the PostgreSQL user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", @@ -162,7 +188,8 @@ }, { "name": "POSTGRESQL_DATABASE", - "description": "Database name", + "displayName": "PostgreSQL database name", + "description": "Name of the PostgreSQL database accessed", "value": "sampledb", "required": true } diff --git a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-persistent-template.json index 91cd7453e..df8a34a9e 100644 --- a/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.1/db-templates/postgresql-persistent-template.json @@ -65,8 +65,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -110,6 +109,20 @@ "protocol": "TCP" } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 5432 + } + }, "env": [ { "name": "POSTGRESQL_USER", @@ -124,7 +137,11 @@ "value": "${POSTGRESQL_DATABASE}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${DATABASE_SERVICE_NAME}-data", @@ -158,13 +175,21 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database service name", + "description": "The name of the OpenShift Service exposed for the database", "value": "postgresql", "required": true }, { "name": "POSTGRESQL_USER", + "displayName": "PostgreSQL user", "description": "Username for PostgreSQL user that will be used for accessing the database", "generate": "expression", "from": "user[A-Z0-9]{3}", @@ -172,6 +197,7 @@ }, { "name": "POSTGRESQL_PASSWORD", + "displayName": "PostgreSQL password", "description": "Password for the PostgreSQL user", "generate": "expression", "from": "[a-zA-Z0-9]{16}", @@ -179,12 +205,14 @@ }, { "name": "POSTGRESQL_DATABASE", - "description": "Database name", + "displayName": "PostgreSQL database name", + "description": "Name of the PostgreSQL database accessed", "value": "sampledb", "required": true }, { "name": "VOLUME_CAPACITY", + "displayName": "Volume capacity", "description": "Volume space available for data, e.g. 512Mi, 2Gi", "value": "512Mi", "required": true diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json index a327c0215..719aee772 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-centos7.json @@ -14,6 +14,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run Ruby applications", + "iconClass": "icon-ruby", + "tags": "builder,ruby", + "supports": "ruby", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "2.2" @@ -63,6 +70,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run NodeJS applications", + "iconClass": "icon-nodejs", + "tags": "builder,nodejs", + "supports":"nodejs", + "sampleRepo": "https://github.com/openshift/nodejs-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "0.10" @@ -97,6 +111,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run Perl applications", + "iconClass": "icon-perl", + "tags": "builder,perl", + "supports":"perl", + "sampleRepo": "https://github.com/openshift/dancer-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "5.20" @@ -147,6 +168,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run PHP applications", + "iconClass": "icon-php", + "tags": "builder,php", + "supports":"php", + "sampleRepo": "https://github.com/openshift/cakephp-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "5.6" @@ -196,6 +224,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run Python applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "3.4" @@ -260,9 +295,16 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run Java applications on Wildfly", + "iconClass": "icon-wildfly", + "tags": "builder,wildfly,java", + "supports":"jee,java", + "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + }, "from": { "kind": "ImageStreamTag", - "name": "8.1" + "name": "10.0" } }, { @@ -279,6 +321,36 @@ "kind": "DockerImage", "name": "openshift/wildfly-81-centos7:latest" } + }, + { + "name": "9.0", + "annotations": { + "description": "Build and run Java applications on Wildfly 9.0", + "iconClass": "icon-wildfly", + "tags": "builder,wildfly,java", + "supports":"wildfly:9.0,jee,java", + "version": "9.0", + "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + }, + "from": { + "kind": "DockerImage", + "name": "openshift/wildfly-90-centos7:latest" + } + }, + { + "name": "10.0", + "annotations": { + "description": "Build and run Java applications on Wildfly 10.0", + "iconClass": "icon-wildfly", + "tags": "builder,wildfly,java", + "supports":"wildfly:10.0,jee,java", + "version": "10.0", + "sampleRepo": "https://github.com/bparees/openshift-jee-sample.git" + }, + "from": { + "kind": "DockerImage", + "name": "openshift/wildfly-100-centos7:latest" + } } ] } @@ -294,6 +366,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a MySQL database", + "iconClass": "icon-mysql-database", + "tags": "mysql" + }, "from": { "kind": "ImageStreamTag", "name": "5.6" @@ -301,6 +378,12 @@ }, { "name": "5.5", + "annotations": { + "description": "Provides a MySQL v5.5 database", + "iconClass": "icon-mysql-database", + "tags": "mysql", + "version": "5.5" + }, "from": { "kind": "DockerImage", "name": "openshift/mysql-55-centos7:latest" @@ -308,6 +391,12 @@ }, { "name": "5.6", + "annotations": { + "description": "Provides a MySQL v5.6 database", + "iconClass": "icon-mysql-database", + "tags": "mysql", + "version": "5.6" + }, "from": { "kind": "DockerImage", "name": "centos/mysql-56-centos7:latest" @@ -327,6 +416,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a PostgreSQL database", + "iconClass": "icon-postgresql", + "tags": "postgresql" + }, "from": { "kind": "ImageStreamTag", "name": "9.4" @@ -334,6 +428,12 @@ }, { "name": "9.2", + "annotations": { + "description": "Provides a PostgreSQL v9.2 database", + "iconClass": "icon-postgresql", + "tags": "postgresql", + "version": "9.2" + }, "from": { "kind": "DockerImage", "name": "openshift/postgresql-92-centos7:latest" @@ -341,6 +441,12 @@ }, { "name": "9.4", + "annotations": { + "description": "Provides a PostgreSQL v9.4 database", + "iconClass": "icon-postgresql", + "tags": "postgresql", + "version": "9.4" + }, "from": { "kind": "DockerImage", "name": "centos/postgresql-94-centos7:latest" @@ -360,6 +466,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a MongoDB database", + "iconClass": "icon-mongodb", + "tags": "mongodb" + }, "from": { "kind": "ImageStreamTag", "name": "2.6" @@ -367,6 +478,12 @@ }, { "name": "2.4", + "annotations": { + "description": "Provides a MongoDB v2.4 database", + "iconClass": "icon-mongodb", + "tags": "mongodb", + "version": "2.4" + }, "from": { "kind": "DockerImage", "name": "openshift/mongodb-24-centos7:latest" @@ -374,6 +491,12 @@ }, { "name": "2.6", + "annotations": { + "description": "Provides a MongoDB v2.6 database", + "iconClass": "icon-mongodb", + "tags": "mongodb", + "version": "2.6" + }, "from": { "kind": "DockerImage", "name": "centos/mongodb-26-centos7:latest" @@ -393,6 +516,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a Jenkins server", + "iconClass": "icon-jenkins", + "tags": "jenkins" + }, "from": { "kind": "ImageStreamTag", "name": "1" @@ -400,6 +528,12 @@ }, { "name": "1", + "annotations": { + "description": "Provides a Jenkins server", + "iconClass": "icon-jenkins", + "tags": "jenkins", + "version": "1.x" + }, "from": { "kind": "DockerImage", "name": "openshift/jenkins-1-centos7:latest" diff --git a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json index 3f5f713b4..00635ec78 100644 --- a/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json +++ b/roles/openshift_examples/files/examples/v1.1/image-streams/image-streams-rhel7.json @@ -14,6 +14,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run Ruby applications", + "iconClass": "icon-ruby", + "tags": "builder,ruby", + "supports": "ruby,ruby", + "sampleRepo": "https://github.com/openshift/ruby-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "2.2" @@ -63,6 +70,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run NodeJS applications", + "iconClass": "icon-nodejs", + "tags": "builder,nodejs", + "supports":"nodejs", + "sampleRepo": "https://github.com/openshift/nodejs-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "0.10" @@ -97,6 +111,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run Perl applications", + "iconClass": "icon-perl", + "tags": "builder,perl", + "supports":"perl", + "sampleRepo": "https://github.com/openshift/dancer-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "5.20" @@ -147,6 +168,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run PHP applications", + "iconClass": "icon-php", + "tags": "builder,php", + "supports":"php", + "sampleRepo": "https://github.com/openshift/cakephp-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "5.6" @@ -196,6 +224,13 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Build and run Python applications", + "iconClass": "icon-python", + "tags": "builder,python", + "supports":"python", + "sampleRepo": "https://github.com/openshift/django-ex.git" + }, "from": { "kind": "ImageStreamTag", "name": "3.4" @@ -260,6 +295,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a MySQL database", + "iconClass": "icon-mysql-database", + "tags": "mysql" + }, "from": { "kind": "ImageStreamTag", "name": "5.6" @@ -267,6 +307,12 @@ }, { "name": "5.5", + "annotations": { + "description": "Provides a MySQL v5.5 database", + "iconClass": "icon-mysql-database", + "tags": "mysql", + "version": "5.5" + }, "from": { "kind": "DockerImage", "name": "registry.access.redhat.com/openshift3/mysql-55-rhel7:latest" @@ -274,6 +320,12 @@ }, { "name": "5.6", + "annotations": { + "description": "Provides a MySQL v5.6 database", + "iconClass": "icon-mysql-database", + "tags": "mysql", + "version": "5.6" + }, "from": { "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/mysql-56-rhel7:latest" @@ -293,6 +345,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a PostgreSQL database", + "iconClass": "icon-postgresql", + "tags": "postgresql" + }, "from": { "kind": "ImageStreamTag", "name": "9.4" @@ -300,6 +357,12 @@ }, { "name": "9.2", + "annotations": { + "description": "Provides a PostgreSQL v9.2 database", + "iconClass": "icon-postgresql", + "tags": "postgresql", + "version": "9.2" + }, "from": { "kind": "DockerImage", "name": "registry.access.redhat.com/openshift3/postgresql-92-rhel7:latest" @@ -307,6 +370,12 @@ }, { "name": "9.4", + "annotations": { + "description": "Provides a PostgreSQL v9.4 database", + "iconClass": "icon-postgresql", + "tags": "postgresql", + "version": "9.4" + }, "from": { "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/postgresql-94-rhel7:latest" @@ -326,6 +395,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a MongoDB database", + "iconClass": "icon-mongodb", + "tags": "mongodb" + }, "from": { "kind": "ImageStreamTag", "name": "2.6" @@ -333,6 +407,12 @@ }, { "name": "2.4", + "annotations": { + "description": "Provides a MongoDB v2.4 database", + "iconClass": "icon-mongodb", + "tags": "mongodb", + "version": "2.4" + }, "from": { "kind": "DockerImage", "name": "registry.access.redhat.com/openshift3/mongodb-24-rhel7:latest" @@ -340,6 +420,12 @@ }, { "name": "2.6", + "annotations": { + "description": "Provides a MongoDB v2.6 database", + "iconClass": "icon-mongodb", + "tags": "mongodb", + "version": "2.6" + }, "from": { "kind": "DockerImage", "name": "registry.access.redhat.com/rhscl/mongodb-26-rhel7:latest" @@ -359,6 +445,11 @@ "tags": [ { "name": "latest", + "annotations": { + "description": "Provides a Jenkins server", + "iconClass": "icon-jenkins", + "tags": "jenkins" + }, "from": { "kind": "ImageStreamTag", "name": "1" @@ -366,6 +457,12 @@ }, { "name": "1", + "annotations": { + "description": "Provides a Jenkins server", + "iconClass": "icon-jenkins", + "tags": "jenkins", + "version": "1.x" + }, "from": { "kind": "DockerImage", "name": "registry.access.redhat.com/openshift3/jenkins-1-rhel7:latest" diff --git a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml index be999bd1a..99f2df4fa 100644 --- a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/enterprise/metrics-deployer.yaml @@ -52,8 +52,6 @@ objects: value: ${IMAGE_PREFIX} - name: IMAGE_VERSION value: ${IMAGE_VERSION} - - name: PUBLIC_MASTER_URL - value: ${PUBLIC_MASTER_URL} - name: MASTER_URL value: ${MASTER_URL} - name: REDEPLOY @@ -79,11 +77,11 @@ objects: secretName: metrics-deployer parameters: - - description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' + description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:latest", set prefix "openshift/origin-"' name: IMAGE_PREFIX value: "registry.access.redhat.com/openshift3/" - - description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' + description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:latest", set version "latest"' name: IMAGE_VERSION value: "3.1.1" - @@ -109,7 +107,7 @@ parameters: - description: "The persistent volume size for each of the Cassandra nodes" name: CASSANDRA_PV_SIZE - value: "1Gi" + value: "10Gi" - description: "How many days metrics should be stored for." name: METRIC_DURATION diff --git a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/logging-deployer.yaml b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/logging-deployer.yaml index 4c798e148..9257b1f28 100644 --- a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/logging-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/logging-deployer.yaml @@ -69,6 +69,8 @@ objects: value: ${ES_OPS_RECOVER_EXPECTED_NODES} - name: ES_OPS_RECOVER_AFTER_TIME value: ${ES_OPS_RECOVER_AFTER_TIME} + - name: FLUENTD_NODESELECTOR + value: ${FLUENTD_NODESELECTOR} dnsPolicy: ClusterFirst restartPolicy: Never serviceAccount: logging-deployer @@ -148,4 +150,7 @@ parameters: description: "Timeout for *expected* ops nodes to be present when cluster is recovering from a full restart." name: ES_OPS_RECOVER_AFTER_TIME value: "5m" - +- + description: "The nodeSelector used for the Fluentd DaemonSet." + name: FLUENTD_NODESELECTOR + value: "logging-infra-fluentd=true" diff --git a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml index 3e9bcde5b..30d79acee 100644 --- a/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.1/infrastructure-templates/origin/metrics-deployer.yaml @@ -52,8 +52,6 @@ objects: value: ${IMAGE_PREFIX} - name: IMAGE_VERSION value: ${IMAGE_VERSION} - - name: PUBLIC_MASTER_URL - value: ${PUBLIC_MASTER_URL} - name: MASTER_URL value: ${MASTER_URL} - name: REDEPLOY @@ -79,11 +77,11 @@ objects: secretName: metrics-deployer parameters: - - description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set prefix "openshift/origin-"' + description: 'Specify prefix for metrics components; e.g. for "openshift/origin-metrics-deployer:latest", set prefix "openshift/origin-"' name: IMAGE_PREFIX - value: "docker.io/openshift/origin-" + value: "openshift/origin-" - - description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:v1.1", set version "v1.1"' + description: 'Specify version for metrics components; e.g. for "openshift/origin-metrics-deployer:latest", set version "latest"' name: IMAGE_VERSION value: "latest" - @@ -109,7 +107,7 @@ parameters: - description: "The persistent volume size for each of the Cassandra nodes" name: CASSANDRA_PV_SIZE - value: "1Gi" + value: "10Gi" - description: "How many days metrics should be stored for." name: METRIC_DURATION diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json index 52143da2d..6e6f4f096 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp-mysql.json @@ -5,7 +5,7 @@ "name": "cakephp-mysql-example", "annotations": { "description": "An example CakePHP application with a MySQL database", - "tags": "instant-app,php,cakephp,mysql", + "tags": "quickstart,php,cakephp,mysql", "iconClass": "icon-php" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "cakephp-mysql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "cakephp-mysql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "cakephp-mysql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -123,7 +123,7 @@ "type": "Rolling", "recreateParams": { "pre": { - "failurePolicy": "Abort", + "failurePolicy": "Retry", "execNewPod": { "command": [ "./migrate-database.sh" @@ -143,7 +143,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "cakephp-mysql-example:latest" + "name": "${NAME}:latest" } } }, @@ -153,13 +153,13 @@ ], "replicas": 1, "selector": { - "name": "cakephp-mysql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "labels": { - "name": "cakephp-mysql-example" + "name": "${NAME}" } }, "spec": { @@ -172,6 +172,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/health.php", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -209,7 +225,12 @@ "name": "OPCACHE_REVALIDATE_FREQ", "value": "${OPCACHE_REVALIDATE_FREQ}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -291,20 +312,39 @@ "containerPort": 3306 } ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DATABASE_USER}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DATABASE_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DATABASE_NAME}" + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ] } - ] + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + } + }, + "env": [ + { + "name": "MYSQL_USER", + "value": "${DATABASE_USER}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DATABASE_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DATABASE_NAME}" + } + ], + "resources": { + "limits": { + "memory": "${MEMORY_MYSQL_LIMIT}" + } + } } ] } @@ -314,76 +354,105 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "cakephp-mysql-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the CakePHP container can use.", + "value": "512Mi" + }, + { + "name": "MEMORY_MYSQL_LIMIT", + "displayName": "Memory Limit (MySQL)", + "description": "Maximum amount of memory the MySQL container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/cakephp-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database Service Name", "value": "mysql" }, { "name": "DATABASE_ENGINE", - "description": "Database engine: postgresql, mysql or sqlite (default)", + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default).", "value": "mysql" }, { "name": "DATABASE_NAME", - "description": "Database name", + "displayName": "Database Name", "value": "default" }, { "name": "DATABASE_USER", - "description": "Database user name", + "displayName": "Database User", "value": "cakephp" }, { "name": "DATABASE_PASSWORD", - "description": "Database user password", + "displayName": "Database Password", "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, { "name": "CAKEPHP_SECRET_TOKEN", - "description": "Set this to a long random string", + "displayName": "CakePHP secret token", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" }, { "name": "CAKEPHP_SECURITY_SALT", - "description": "Security salt for session hash", + "displayName": "CakePHP Security Salt", + "description": "Security salt for session hash.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "CAKEPHP_SECURITY_CIPHER_SEED", - "description": "Security cipher seed for session hash", + "displayName": "CakePHP Security Cipher Seed", + "description": "Security cipher seed for session hash.", "generate": "expression", "from": "[0-9]{30}" }, { "name": "OPCACHE_REVALIDATE_FREQ", - "description": "The How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", + "displayName": "OPcache Revalidation Frequency", + "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", "value": "2" } ] diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json index b77dc0c51..21e29ae30 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/cakephp.json @@ -5,7 +5,7 @@ "name": "cakephp-example", "annotations": { "description": "An example CakePHP application with no database", - "tags": "instant-app,php,cakephp", + "tags": "quickstart,php,cakephp", "iconClass": "icon-php" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "cakephp-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "cakephp-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "cakephp-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "cakephp-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -132,7 +132,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "cakephp-example:latest" + "name": "${NAME}:latest" } } }, @@ -142,13 +142,13 @@ ], "replicas": 1, "selector": { - "name": "cakephp-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "labels": { - "name": "cakephp-example" + "name": "${NAME}" } }, "spec": { @@ -161,6 +161,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -198,7 +214,12 @@ "name": "OPCACHE_REVALIDATE_FREQ", "value": "${OPCACHE_REVALIDATE_FREQ}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -208,70 +229,93 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "cakephp-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/cakephp-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name" + "displayName": "Database Service Name" }, { "name": "DATABASE_ENGINE", - "description": "Database engine: postgresql, mysql or sqlite (default)" + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default)." }, { "name": "DATABASE_NAME", - "description": "Database name" + "displayName": "Database Name" }, { "name": "DATABASE_USER", - "description": "Database user name" + "displayName": "Database User" }, { "name": "DATABASE_PASSWORD", - "description": "Database user password" + "displayName": "Database Password" }, { "name": "CAKEPHP_SECRET_TOKEN", - "description": "Set this to a long random string", + "displayName": "CakePHP Secret Token", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" }, { "name": "CAKEPHP_SECURITY_SALT", - "description": "Security salt for session hash", + "displayName": "CakePHP Security Salt", + "description": "Security salt for session hash.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "CAKEPHP_SECURITY_CIPHER_SEED", - "description": "Security cipher seed for session hash", + "displayName": "CakePHP Security Cipher Seed", + "description": "Security cipher seed for session hash.", "generate": "expression", "from": "[0-9]{30}" }, { "name": "OPCACHE_REVALIDATE_FREQ", - "description": "The How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", + "displayName": "OPcache Revalidation Frequency", + "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", "value": "2" } ] diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json index edc6a1f3f..20d9ac2b2 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer-mysql.json @@ -5,7 +5,7 @@ "name": "dancer-mysql-example", "annotations": { "description": "An example Dancer application with a MySQL database", - "tags": "instant-app,perl,dancer,mysql", + "tags": "quickstart,perl,dancer,mysql", "iconClass": "icon-perl" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "dancer-mysql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "dancer-mysql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "dancer-mysql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -129,7 +129,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "dancer-mysql-example:latest" + "name": "${NAME}:latest" } } }, @@ -139,13 +139,13 @@ ], "replicas": 1, "selector": { - "name": "dancer-mysql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "labels": { - "name": "dancer-mysql-example" + "name": "${NAME}" } }, "spec": { @@ -158,6 +158,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/health", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -183,7 +199,12 @@ "name": "PERL_APACHE2_RELOAD", "value": "${PERL_APACHE2_RELOAD}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -265,6 +286,20 @@ "containerPort": 3306 } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + } + }, "env": [ { "name": "MYSQL_USER", @@ -275,10 +310,15 @@ "value": "${DATABASE_PASSWORD}" }, { - "name": "MYSQL_DATABASE", - "value": "${DATABASE_NAME}" + "name": "MYSQL_DATABASE", + "value": "${DATABASE_NAME}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_MYSQL_LIMIT}" + } + } } ] } @@ -288,71 +328,97 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "dancer-mysql-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Perl Dancer container can use.", + "value": "512Mi" + }, + { + "name": "MEMORY_MYSQL_LIMIT", + "displayName": "Memory Limit (MySQL)", + "description": "Maximum amount of memory the MySQL container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/dancer-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "ADMIN_USERNAME", - "description": "administrator username", + "displayName": "Administrator Username", "generate": "expression", "from": "admin[A-Z0-9]{3}" }, { "name": "ADMIN_PASSWORD", - "description": "administrator password", + "displayName": "Administrator Password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database Service Name", "value": "database" }, { "name": "DATABASE_USER", - "description": "database username", + "displayName": "Database Username", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { "name": "DATABASE_PASSWORD", - "description": "database password", + "displayName": "Database Password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { "name": "DATABASE_NAME", - "description": "database name", + "displayName": "Database Name", "value": "sampledb" }, { "name": "PERL_APACHE2_RELOAD", - "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", + "displayName": "Perl Module Reload", + "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.", "value": "" }, { "name": "SECRET_KEY_BASE", - "description": "Your secret key for verifying the integrity of signed cookies", + "displayName": "Secret Key", + "description": "Your secret key for verifying the integrity of signed cookies.", "generate": "expression", "from": "[a-z0-9]{127}" } diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json index 409252d82..17a114cbb 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/dancer.json @@ -5,7 +5,7 @@ "name": "dancer-example", "annotations": { "description": "An example Dancer application with no database", - "tags": "instant-app,perl,dancer", + "tags": "quickstart,perl,dancer", "iconClass": "icon-perl" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "dancer-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "dancer-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "dancer-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "dancer-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -132,7 +132,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "dancer-example:latest" + "name": "${NAME}:latest" } } }, @@ -142,13 +142,13 @@ ], "replicas": 1, "selector": { - "name": "dancer-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "dancer-example", + "name": "${NAME}", "labels": { - "name": "dancer-example" + "name": "${NAME}" } }, "spec": { @@ -161,12 +161,33 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, "env": [ { "name": "PERL_APACHE2_RELOAD", "value": "${PERL_APACHE2_RELOAD}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -176,38 +197,58 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "dancer-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/dancer-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "SECRET_KEY_BASE", - "description": "Your secret key for verifying the integrity of signed cookies", + "displayName": "Secret Key", + "description": "Your secret key for verifying the integrity of signed cookies.", "generate": "expression", "from": "[a-z0-9]{127}" }, { "name": "PERL_APACHE2_RELOAD", - "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", + "displayName": "Perl Module Reload", + "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.", "value": "" } ] diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json index c4c55ddd8..063591a8f 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django-postgresql.json @@ -5,7 +5,7 @@ "name": "django-psql-example", "annotations": { "description": "An example Django application with a PostgreSQL database", - "tags": "instant-app,python,django,postgresql", + "tags": "quickstart,python,django,postgresql", "iconClass": "icon-python" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "django-psql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "django-psql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "django-psql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "django-psql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -106,14 +106,17 @@ "secret": "${GITHUB_WEBHOOK_SECRET}" } } - ] + ], + "postCommit": { + "script": "./manage.py test" + } } }, { "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -132,7 +135,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "django-psql-example:latest" + "name": "${NAME}:latest" } } }, @@ -142,13 +145,13 @@ ], "replicas": 1, "selector": { - "name": "django-psql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "labels": { - "name": "django-psql-example" + "name": "${NAME}" } }, "spec": { @@ -161,6 +164,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/health", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/health", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -190,7 +209,12 @@ "name": "DJANGO_SECRET_KEY", "value": "${DJANGO_SECRET_KEY}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -285,7 +309,26 @@ "name": "POSTGRESQL_DATABASE", "value": "${DATABASE_NAME}" } - ] + ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 5432 + } + }, + "resources": { + "limits": { + "memory": "${MEMORY_POSTGRESQL_LIMIT}" + } + } } ] } @@ -295,62 +338,89 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "django-psql-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Django container can use.", + "value": "512Mi" + }, + { + "name": "MEMORY_POSTGRESQL_LIMIT", + "displayName": "Memory Limit (PostgreSQL)", + "description": "Maximum amount of memory the PostgreSQL container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/django-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database Service Name", "value": "postgresql" }, { "name": "DATABASE_ENGINE", - "description": "Database engine: postgresql, mysql or sqlite (default)", + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default).", "value": "postgresql" }, { "name": "DATABASE_NAME", - "description": "Database name", + "displayName": "Database Name", "value": "default" }, { "name": "DATABASE_USER", - "description": "Database user name", + "displayName": "Database Username", "value": "django" }, { "name": "DATABASE_PASSWORD", - "description": "Database user password", + "displayName": "Database User Password", "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, { "name": "APP_CONFIG", - "description": "Relative path to Gunicorn configuration file (optional)" + "displayName": "Application Configuration File Path", + "description": "Relative path to Gunicorn configuration file (optional)." }, { "name": "DJANGO_SECRET_KEY", - "description": "Set this to a long random string", + "displayName": "Djange Secret Key", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" } diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json index 75b6798b5..a36678ba6 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/django.json @@ -5,7 +5,7 @@ "name": "django-example", "annotations": { "description": "An example Django application with no database", - "tags": "instant-app,python,django", + "tags": "quickstart,python,django", "iconClass": "icon-python" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "django-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "django-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "django-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "django-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -106,14 +106,17 @@ "secret": "${GITHUB_WEBHOOK_SECRET}" } } - ] + ], + "postCommit": { + "script": "./manage.py test" + } } }, { "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -132,7 +135,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "django-example:latest" + "name": "${NAME}:latest" } } }, @@ -142,13 +145,13 @@ ], "replicas": 1, "selector": { - "name": "django-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "django-example", + "name": "${NAME}", "labels": { - "name": "django-example" + "name": "${NAME}" } }, "spec": { @@ -161,6 +164,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -190,7 +209,12 @@ "name": "DJANGO_SECRET_KEY", "value": "${DJANGO_SECRET_KEY}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -200,56 +224,77 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "django-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/django-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name" + "displayName": "Database Service Name" }, { "name": "DATABASE_ENGINE", - "description": "Database engine: postgresql, mysql or sqlite (default)" + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default)." }, { "name": "DATABASE_NAME", - "description": "Database name" + "displayName": "Database Name" }, { "name": "DATABASE_USER", - "description": "Database user name" + "displayName": "Database Username" }, { "name": "DATABASE_PASSWORD", - "description": "Database user password" + "displayName": "Database User Password" }, { "name": "APP_CONFIG", - "description": "Relative path to Gunicorn configuration file (optional)" + "displayName": "Application Configuration File Path", + "description": "Relative path to Gunicorn configuration file (optional)." }, { "name": "DJANGO_SECRET_KEY", - "description": "Set this to a long random string", + "displayName": "Django Secret Key", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" } diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json index 0b016373f..bbe6713ff 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-ephemeral-template.json @@ -65,8 +65,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -104,13 +103,33 @@ { "name": "jenkins", "image": "${JENKINS_IMAGE}", + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, "env": [ { "name": "JENKINS_PASSWORD", "value": "${JENKINS_PASSWORD}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${JENKINS_SERVICE_NAME}-data", @@ -143,12 +162,20 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "JENKINS_SERVICE_NAME", - "description": "Jenkins service name", + "displayName": "Jenkins service name", + "description": "The name of the OpenShift Service exposed for the Jenkins container", "value": "jenkins" }, { "name": "JENKINS_PASSWORD", + "displayName": "Jenkins password", "description": "Password for the Jenkins user", "generate": "expression", "value": "password" diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json index 98f0cea95..d98e729d4 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/jenkins-persistent-template.json @@ -82,8 +82,7 @@ }, "spec": { "strategy": { - "type": "Recreate", - "resources": {} + "type": "Recreate" }, "triggers": [ { @@ -121,13 +120,33 @@ { "name": "jenkins", "image": "${JENKINS_IMAGE}", + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, "env": [ { "name": "JENKINS_PASSWORD", "value": "${JENKINS_PASSWORD}" } ], - "resources": {}, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${JENKINS_SERVICE_NAME}-data", @@ -160,18 +179,27 @@ ], "parameters": [ { + "name": "MEMORY_LIMIT", + "displayName": "Memory limit", + "description": "Maximum amount of memory the container can use", + "value": "512Mi" + }, + { "name": "JENKINS_SERVICE_NAME", - "description": "Jenkins service name", + "displayName": "Jenkins service name", + "description": "The name of the OpenShift Service exposed for the Jenkins container", "value": "jenkins" }, { "name": "JENKINS_PASSWORD", + "displayName": "Jenkins password", "description": "Password for the Jenkins user", "generate": "expression", "value": "password" }, { "name": "VOLUME_CAPACITY", + "displayName": "Volume capacity", "description": "Volume space available for data, e.g. 512Mi, 2Gi", "value": "512Mi", "required": true diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json index 21f943da7..e352b15f3 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs-mongodb.json @@ -5,7 +5,7 @@ "name": "nodejs-mongodb-example", "annotations": { "description": "An example Node.js application with a MongoDB database", - "tags": "instant-app,nodejs,mongodb", + "tags": "quickstart,nodejs,mongodb", "iconClass": "icon-nodejs" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "nodejs-mongodb-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "nodejs-mongodb-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -119,7 +119,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -138,7 +138,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "nodejs-mongodb-example:latest" + "name": "${NAME}:latest" } } }, @@ -148,13 +148,13 @@ ], "replicas": 1, "selector": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "labels": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" } }, "spec": { @@ -188,7 +188,28 @@ "name": "MONGODB_ADMIN_PASSWORD", "value": "${DATABASE_ADMIN_PASSWORD}" } - ] + ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/pagecount", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/pagecount", + "port": 8080 + } + }, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -287,7 +308,26 @@ "name": "MONGODB_ADMIN_PASSWORD", "value": "${DATABASE_ADMIN_PASSWORD}" } - ] + ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 3, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "mongostat --host 127.0.0.1 -u admin -p ${DATABASE_ADMIN_PASSWORD} -n 1 --noheaders"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 27017 + } + }, + "resources": { + "limits": { + "memory": "${MEMORY_MONGODB_LIMIT}" + } + } } ] } @@ -297,60 +337,88 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "nodejs-mongodb-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Node.js container can use.", + "value": "512Mi" + }, + { + "name": "MEMORY_MONGODB_LIMIT", + "displayName": "Memory Limit (MongoDB)", + "description": "Maximum amount of memory the MongoDB container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/nodejs-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "GENERIC_WEBHOOK_SECRET", - "description": "A secret string used to configure the Generic webhook", + "displayName": "Generic Webhook Secret", + "description": "A secret string used to configure the Generic webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database Service Name", "value": "mongodb" }, { "name": "DATABASE_USER", - "description": "Username for MongoDB user that will be used for accessing the database", + "displayName": "MongoDB Username", + "description": "Username for MongoDB user that will be used for accessing the database.", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { "name": "DATABASE_PASSWORD", - "description": "Password for the MongoDB user", + "displayName": "MongoDB Password", + "description": "Password for the MongoDB user.", "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, { "name": "DATABASE_NAME", - "description": "Database name", + "displayName": "Database Name", "value": "sampledb" }, { "name": "DATABASE_ADMIN_PASSWORD", - "description": "Password for the database admin user", + "displayName": "Database Administrator Password", + "description": "Password for the database admin user.", "generate": "expression", "from": "[a-zA-Z0-9]{16}" } diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json index 1e301c076..da16ec157 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/nodejs.json @@ -5,7 +5,7 @@ "name": "nodejs-example", "annotations": { "description": "An example Node.js application with no database", - "tags": "instant-app,nodejs", + "tags": "quickstart,nodejs", "iconClass": "icon-nodejs" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "nodejs-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "nodejs-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "nodejs-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "nodejs-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -119,7 +119,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -138,7 +138,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "nodejs-example:latest" + "name": "${NAME}:latest" } } }, @@ -148,13 +148,13 @@ ], "replicas": 1, "selector": { - "name": "nodejs-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "labels": { - "name": "nodejs-example" + "name": "${NAME}" } }, "spec": { @@ -167,6 +167,27 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -188,7 +209,12 @@ "name": "MONGODB_ADMIN_PASSWORD", "value": "${MONGODB_ADMIN_PASSWORD}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -198,54 +224,76 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "nodejs-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/nodejs-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "GENERIC_WEBHOOK_SECRET", - "description": "A secret string used to configure the Generic webhook", + "displayName": "Generic Webhook Secret", + "description": "A secret string used to configure the Generic webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name" + "displayName": "Database Service Name" }, { "name": "MONGODB_USER", - "description": "Username for MongoDB user that will be used for accessing the database" + "displayName": "MongoDB Username", + "description": "Username for MongoDB user that will be used for accessing the database." }, { "name": "MONGODB_PASSWORD", - "description": "Password for the MongoDB user" + "displayName": "MongoDB Password", + "description": "Password for the MongoDB user." }, { "name": "MONGODB_DATABASE", - "description": "Database name" + "displayName": "Database Name" }, { "name": "MONGODB_ADMIN_PASSWORD", - "description": "Password for the database admin user" + "displayName": "Database Administrator Password", + "description": "Password for the database admin user." } ] } diff --git a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json index 5dcbbc729..99b6513f2 100644 --- a/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.1/quickstart-templates/rails-postgresql.json @@ -5,7 +5,7 @@ "name": "rails-postgresql-example", "annotations": { "description": "An example Rails application with a PostgreSQL database", - "tags": "instant-app,ruby,rails,postgresql", + "tags": "quickstart,ruby,rails,postgresql", "iconClass": "icon-ruby" } }, @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "rails-postgresql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "rails-postgresql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "rails-postgresql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -106,14 +106,17 @@ "secret": "${GITHUB_WEBHOOK_SECRET}" } } - ] + ], + "postCommit": { + "script": "bundle exec rake test" + } } }, { "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -128,7 +131,7 @@ "command": [ "./migrate-database.sh" ], - "containerName": "rails-postgresql-example" + "containerName": "${NAME}" } } } @@ -143,7 +146,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "rails-postgresql-example:latest" + "name": "${NAME}:latest" } } }, @@ -153,13 +156,13 @@ ], "replicas": 1, "selector": { - "name": "rails-postgresql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "labels": { - "name": "rails-postgresql-example" + "name": "${NAME}" } }, "spec": { @@ -172,6 +175,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 5, + "httpGet": { + "path": "/articles", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 10, + "httpGet": { + "path": "/articles", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -202,10 +221,6 @@ "value": "${POSTGRESQL_SHARED_BUFFERS}" }, { - "name": "SECRET_KEY_BASE", - "value": "${SECRET_KEY_BASE}" - }, - { "name": "APPLICATION_DOMAIN", "value": "${APPLICATION_DOMAIN}" }, @@ -221,7 +236,12 @@ "name": "RAILS_ENV", "value": "${RAILS_ENV}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_LIMIT}" + } + } } ] } @@ -303,6 +323,20 @@ "containerPort": 5432 } ], + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"] + } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 5432 + } + }, "env": [ { "name": "POSTGRESQL_USER", @@ -324,7 +358,12 @@ "name": "POSTGRESQL_SHARED_BUFFERS", "value": "${POSTGRESQL_SHARED_BUFFERS}" } - ] + ], + "resources": { + "limits": { + "memory": "${MEMORY_POSTGRESQL_LIMIT}" + } + } } ] } @@ -334,80 +373,108 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "rails-postgresql-example" + }, + { + "name": "MEMORY_LIMIT", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Rails container can use.", + "value": "512Mi" + }, + { + "name": "MEMORY_POSTGRESQL_LIMIT", + "displayName": "Memory Limit (PostgreSQL)", + "description": "Maximum amount of memory the PostgreSQL container can use.", + "value": "512Mi" + }, + { "name": "SOURCE_REPOSITORY_URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/rails-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "SECRET_KEY_BASE", - "description": "Your secret key for verifying the integrity of signed cookies", + "displayName": "Secret Key", + "description": "Your secret key for verifying the integrity of signed cookies.", "generate": "expression", "from": "[a-z0-9]{127}" }, { "name": "APPLICATION_USER", - "description": "The application user that is used within the sample application to authorize access on pages", + "displayName": "Application Username", + "description": "The application user that is used within the sample application to authorize access on pages.", "value": "openshift" }, { "name": "APPLICATION_PASSWORD", - "description": "The application password that is used within the sample application to authorize access on pages", + "displayName": "Application Password", + "description": "The application password that is used within the sample application to authorize access on pages.", "value": "secret" }, { "name": "RAILS_ENV", - "description": "Environment under which the sample application will run. Could be set to production, development or test", + "displayName": "Rails Environment", + "description": "Environment under which the sample application will run. Could be set to production, development or test.", "value": "production" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database Service Name", "value": "postgresql" }, { "name": "DATABASE_USER", - "description": "database username", + "displayName": "Database Username", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { "name": "DATABASE_PASSWORD", - "description": "database password", + "displayName": "Database Password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { "name": "DATABASE_NAME", - "description": "database name", + "displayName": "Database Name", "value": "root" }, { "name": "POSTGRESQL_MAX_CONNECTIONS", - "description": "database max connections", + "displayName": "Maximum Database Connections", "value": "100" }, { "name": "POSTGRESQL_SHARED_BUFFERS", - "description": "database shared buffers", + "displayName": "Shared Buffer Amount", "value": "12MB" } ] diff --git a/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-ephemeral-template.json index 2d0760fdd..fe9effc19 100644 --- a/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-ephemeral-template.json @@ -96,7 +96,7 @@ "timeoutSeconds": 1, "initialDelaySeconds": 3, "exec": { - "command": [ "/bin/sh", "-i", "-c", "mongostat --host 127.0.0.1 -u admin -p ${MONGODB_ADMIN_PASSWORD} -n 1 --noheaders"] + "command": [ "/bin/sh", "-i", "-c", "mongostat --host 127.0.0.1 -u admin -p $MONGODB_ADMIN_PASSWORD -n 1 --noheaders"] } }, "livenessProbe": { diff --git a/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-persistent-template.json b/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-persistent-template.json index da22a8d1b..ab37e7a3a 100644 --- a/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.2/db-templates/mongodb-persistent-template.json @@ -113,7 +113,7 @@ "timeoutSeconds": 1, "initialDelaySeconds": 3, "exec": { - "command": [ "/bin/sh", "-i", "-c", "mongostat --host 127.0.0.1 -u admin -p ${MONGODB_ADMIN_PASSWORD} -n 1 --noheaders"] + "command": [ "/bin/sh", "-i", "-c", "mongostat --host 127.0.0.1 -u admin -p $MONGODB_ADMIN_PASSWORD -n 1 --noheaders"] } }, "livenessProbe": { diff --git a/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-ephemeral-template.json index 5c042e7ea..2c28db746 100644 --- a/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-ephemeral-template.json @@ -97,7 +97,7 @@ "initialDelaySeconds": 5, "exec": { "command": [ "/bin/sh", "-i", "-c", - "MYSQL_PWD='${MYSQL_PASSWORD}' mysql -h 127.0.0.1 -u ${MYSQL_USER} -D ${MYSQL_DATABASE} -e 'SELECT 1'"] + "MYSQL_PWD='$MYSQL_PASSWORD' mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"] } }, "livenessProbe": { diff --git a/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-persistent-template.json b/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-persistent-template.json index d565179a5..94199b6fe 100644 --- a/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.2/db-templates/mysql-persistent-template.json @@ -114,7 +114,7 @@ "initialDelaySeconds": 5, "exec": { "command": [ "/bin/sh", "-i", "-c", - "MYSQL_PWD='${MYSQL_PASSWORD}' mysql -h 127.0.0.1 -u ${MYSQL_USER} -D ${MYSQL_DATABASE} -e 'SELECT 1'"] + "MYSQL_PWD='$MYSQL_PASSWORD' mysql -h 127.0.0.1 -u $MYSQL_USER -D $MYSQL_DATABASE -e 'SELECT 1'"] } }, "livenessProbe": { diff --git a/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-ephemeral-template.json index 8105e487b..da548c591 100644 --- a/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-ephemeral-template.json @@ -96,7 +96,7 @@ "timeoutSeconds": 1, "initialDelaySeconds": 5, "exec": { - "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"] + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"] } }, "livenessProbe": { diff --git a/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-persistent-template.json b/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-persistent-template.json index 5d7c525c0..df8a34a9e 100644 --- a/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.2/db-templates/postgresql-persistent-template.json @@ -113,7 +113,7 @@ "timeoutSeconds": 1, "initialDelaySeconds": 5, "exec": { - "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U ${POSTGRESQL_USER} -q -d ${POSTGRESQL_DATABASE} -c 'SELECT 1'"] + "command": [ "/bin/sh", "-i", "-c", "psql -h 127.0.0.1 -U $POSTGRESQL_USER -q -d $POSTGRESQL_DATABASE -c 'SELECT 1'"] } }, "livenessProbe": { @@ -138,10 +138,10 @@ } ], "resources": { - "limits": { - "memory": "${MEMORY_LIMIT}" - } - }, + "limits": { + "memory": "${MEMORY_LIMIT}" + } + }, "volumeMounts": [ { "name": "${DATABASE_SERVICE_NAME}-data", diff --git a/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/origin/logging-deployer.yaml b/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/origin/logging-deployer.yaml index 4c798e148..9257b1f28 100644 --- a/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/origin/logging-deployer.yaml +++ b/roles/openshift_examples/files/examples/v1.2/infrastructure-templates/origin/logging-deployer.yaml @@ -69,6 +69,8 @@ objects: value: ${ES_OPS_RECOVER_EXPECTED_NODES} - name: ES_OPS_RECOVER_AFTER_TIME value: ${ES_OPS_RECOVER_AFTER_TIME} + - name: FLUENTD_NODESELECTOR + value: ${FLUENTD_NODESELECTOR} dnsPolicy: ClusterFirst restartPolicy: Never serviceAccount: logging-deployer @@ -148,4 +150,7 @@ parameters: description: "Timeout for *expected* ops nodes to be present when cluster is recovering from a full restart." name: ES_OPS_RECOVER_AFTER_TIME value: "5m" - +- + description: "The nodeSelector used for the Fluentd DaemonSet." + name: FLUENTD_NODESELECTOR + value: "logging-infra-fluentd=true" diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp-mysql.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp-mysql.json index 9e0ae218d..6e6f4f096 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp-mysql.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp-mysql.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "cakephp-mysql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "cakephp-mysql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "cakephp-mysql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -123,7 +123,7 @@ "type": "Rolling", "recreateParams": { "pre": { - "failurePolicy": "Abort", + "failurePolicy": "Retry", "execNewPod": { "command": [ "./migrate-database.sh" @@ -143,7 +143,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "cakephp-mysql-example:latest" + "name": "${NAME}:latest" } } }, @@ -153,13 +153,13 @@ ], "replicas": 1, "selector": { - "name": "cakephp-mysql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "cakephp-mysql-example", + "name": "${NAME}", "labels": { - "name": "cakephp-mysql-example" + "name": "${NAME}" } }, "spec": { @@ -172,6 +172,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/health.php", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -296,24 +312,38 @@ "containerPort": 3306 } ], - "env": [ - { - "name": "MYSQL_USER", - "value": "${DATABASE_USER}" - }, - { - "name": "MYSQL_PASSWORD", - "value": "${DATABASE_PASSWORD}" - }, - { - "name": "MYSQL_DATABASE", - "value": "${DATABASE_NAME}" + "readinessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 5, + "exec": { + "command": [ "/bin/sh", "-i", "-c", "MYSQL_PWD='${DATABASE_PASSWORD}' mysql -h 127.0.0.1 -u ${DATABASE_USER} -D ${DATABASE_NAME} -e 'SELECT 1'" ] } + }, + "livenessProbe": { + "timeoutSeconds": 1, + "initialDelaySeconds": 30, + "tcpSocket": { + "port": 3306 + } + }, + "env": [ + { + "name": "MYSQL_USER", + "value": "${DATABASE_USER}" + }, + { + "name": "MYSQL_PASSWORD", + "value": "${DATABASE_PASSWORD}" + }, + { + "name": "MYSQL_DATABASE", + "value": "${DATABASE_NAME}" + } ], "resources": { - "limits": { - "memory": "${MEMORY_MYSQL_LIMIT}" - } + "limits": { + "memory": "${MEMORY_MYSQL_LIMIT}" + } } } ] @@ -324,101 +354,104 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "cakephp-mysql-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the CakePHP container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the CakePHP container can use.", "value": "512Mi" }, { "name": "MEMORY_MYSQL_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the MySQL container can use", + "displayName": "Memory Limit (MySQL)", + "description": "Maximum amount of memory the MySQL container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/cakephp-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application domain", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name", + "displayName": "Database Service Name", "value": "mysql" }, { "name": "DATABASE_ENGINE", - "displayName": "Database engine", - "description": "Database engine: postgresql, mysql or sqlite (default)", + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default).", "value": "mysql" }, { "name": "DATABASE_NAME", - "displayName": "Database name", - "description": "Database name", + "displayName": "Database Name", "value": "default" }, { "name": "DATABASE_USER", - "displayName": "Database user", - "description": "Database user name", + "displayName": "Database User", "value": "cakephp" }, { "name": "DATABASE_PASSWORD", - "displayName": "Database password", - "description": "Database user password", + "displayName": "Database Password", "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, { "name": "CAKEPHP_SECRET_TOKEN", "displayName": "CakePHP secret token", - "description": "Set this to a long random string", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" }, { "name": "CAKEPHP_SECURITY_SALT", - "displayName": "CakePHP security salt", - "description": "Security salt for session hash", + "displayName": "CakePHP Security Salt", + "description": "Security salt for session hash.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "CAKEPHP_SECURITY_CIPHER_SEED", - "displayName": "CakePHP security cipher seed", - "description": "Security cipher seed for session hash", + "displayName": "CakePHP Security Cipher Seed", + "description": "Security cipher seed for session hash.", "generate": "expression", "from": "[0-9]{30}" }, { "name": "OPCACHE_REVALIDATE_FREQ", - "displayName": "OPcache revalidation frequency", + "displayName": "OPcache Revalidation Frequency", "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", "value": "2" } diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp.json index d29c446e5..21e29ae30 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/cakephp.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "cakephp-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "cakephp-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "cakephp-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "cakephp-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -132,7 +132,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "cakephp-example:latest" + "name": "${NAME}:latest" } } }, @@ -142,13 +142,13 @@ ], "replicas": 1, "selector": { - "name": "cakephp-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "cakephp-example", + "name": "${NAME}", "labels": { - "name": "cakephp-example" + "name": "${NAME}" } }, "spec": { @@ -161,6 +161,22 @@ "containerPort": 8080 } ], + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/", + "port": 8080 + } + }, "env": [ { "name": "DATABASE_SERVICE_NAME", @@ -213,89 +229,92 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "cakephp-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/cakephp-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application domain", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the CakePHP service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name" + "displayName": "Database Service Name" }, { "name": "DATABASE_ENGINE", - "displayName": "Database engine", - "description": "Database engine: postgresql, mysql or sqlite (default)" + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default)." }, { "name": "DATABASE_NAME", - "displayName": "Database name", - "description": "Database name" + "displayName": "Database Name" }, { "name": "DATABASE_USER", - "displayName": "Database user", - "description": "Database user name" + "displayName": "Database User" }, { "name": "DATABASE_PASSWORD", - "displayName": "Database password", - "description": "Database user password" + "displayName": "Database Password" }, { "name": "CAKEPHP_SECRET_TOKEN", - "displayName": "CakePHP secret token", - "description": "Set this to a long random string", + "displayName": "CakePHP Secret Token", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" }, { "name": "CAKEPHP_SECURITY_SALT", - "displayName": "CakePHP security salt", - "description": "Security salt for session hash", + "displayName": "CakePHP Security Salt", + "description": "Security salt for session hash.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "CAKEPHP_SECURITY_CIPHER_SEED", - "displayName": "CakePHP security cipher seed", - "description": "Security cipher seed for session hash", + "displayName": "CakePHP Security Cipher Seed", + "description": "Security cipher seed for session hash.", "generate": "expression", "from": "[0-9]{30}" }, { "name": "OPCACHE_REVALIDATE_FREQ", - "displayName": "OPcache revalidation frequency", + "displayName": "OPcache Revalidation Frequency", "description": "How often to check script timestamps for updates, in seconds. 0 will result in OPcache checking for updates on every request.", "value": "2" } diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer-mysql.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer-mysql.json index 2e5c8021f..20d9ac2b2 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer-mysql.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer-mysql.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "dancer-mysql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "dancer-mysql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "dancer-mysql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -129,7 +129,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "dancer-mysql-example:latest" + "name": "${NAME}:latest" } } }, @@ -139,13 +139,13 @@ ], "replicas": 1, "selector": { - "name": "dancer-mysql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "dancer-mysql-example", + "name": "${NAME}", "labels": { - "name": "dancer-mysql-example" + "name": "${NAME}" } }, "spec": { @@ -328,89 +328,97 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "dancer-mysql-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the Perl Dancer container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Perl Dancer container can use.", "value": "512Mi" }, { "name": "MEMORY_MYSQL_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the MySQL container can use", + "displayName": "Memory Limit (MySQL)", + "description": "Maximum amount of memory the MySQL container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/dancer-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application domain", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "ADMIN_USERNAME", - "displayName": "Administrator username", - "description": "administrator username", + "displayName": "Administrator Username", "generate": "expression", "from": "admin[A-Z0-9]{3}" }, { "name": "ADMIN_PASSWORD", - "description": "administrator password", + "displayName": "Administrator Password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { "name": "DATABASE_SERVICE_NAME", - "description": "Database service name", + "displayName": "Database Service Name", "value": "database" }, { "name": "DATABASE_USER", - "description": "database username", + "displayName": "Database Username", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { "name": "DATABASE_PASSWORD", - "description": "database password", + "displayName": "Database Password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { "name": "DATABASE_NAME", - "description": "database name", + "displayName": "Database Name", "value": "sampledb" }, { "name": "PERL_APACHE2_RELOAD", - "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", + "displayName": "Perl Module Reload", + "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.", "value": "" }, { "name": "SECRET_KEY_BASE", - "description": "Your secret key for verifying the integrity of signed cookies", + "displayName": "Secret Key", + "description": "Your secret key for verifying the integrity of signed cookies.", "generate": "expression", "from": "[a-z0-9]{127}" } diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer.json index 83b010e95..17a114cbb 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/dancer.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "dancer-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "dancer-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "dancer-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "dancer-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -113,7 +113,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "dancer-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -132,7 +132,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "dancer-example:latest" + "name": "${NAME}:latest" } } }, @@ -142,13 +142,13 @@ ], "replicas": 1, "selector": { - "name": "dancer-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "dancer-example", + "name": "${NAME}", "labels": { - "name": "dancer-example" + "name": "${NAME}" } }, "spec": { @@ -197,51 +197,58 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "dancer-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/dancer-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application domain", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Dancer service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "SECRET_KEY_BASE", - "displayName": "Secret key", - "description": "Your secret key for verifying the integrity of signed cookies", + "displayName": "Secret Key", + "description": "Your secret key for verifying the integrity of signed cookies.", "generate": "expression", "from": "[a-z0-9]{127}" }, { "name": "PERL_APACHE2_RELOAD", - "displayName": "Perl module reload", - "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules", + "displayName": "Perl Module Reload", + "description": "Set this to \"true\" to enable automatic reloading of modified Perl modules.", "value": "" } ] diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django-postgresql.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django-postgresql.json index 5bf3235c6..063591a8f 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django-postgresql.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "django-psql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "django-psql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "django-psql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "django-psql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -116,7 +116,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -135,7 +135,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "django-psql-example:latest" + "name": "${NAME}:latest" } } }, @@ -145,13 +145,13 @@ ], "replicas": 1, "selector": { - "name": "django-psql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "django-psql-example", + "name": "${NAME}", "labels": { - "name": "django-psql-example" + "name": "${NAME}" } }, "spec": { @@ -338,86 +338,89 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "django-psql-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the Django container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Django container can use.", "value": "512Mi" }, { "name": "MEMORY_POSTGRESQL_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the PostgreSQL container can use", + "displayName": "Memory Limit (PostgreSQL)", + "description": "Maximum amount of memory the PostgreSQL container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/django-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application hostname", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name", + "displayName": "Database Service Name", "value": "postgresql" }, { "name": "DATABASE_ENGINE", - "displayName": "Database engine", - "description": "Database engine: postgresql, mysql or sqlite (default)", + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default).", "value": "postgresql" }, { "name": "DATABASE_NAME", - "displayName": "Database name", - "description": "Database name", + "displayName": "Database Name", "value": "default" }, { "name": "DATABASE_USER", - "displayName": "Database user name", - "description": "Database user name", + "displayName": "Database Username", "value": "django" }, { "name": "DATABASE_PASSWORD", - "displayName": "Database user password", - "description": "Database user password", + "displayName": "Database User Password", "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, { "name": "APP_CONFIG", - "displayName": "Application configuration file path", - "description": "Relative path to Gunicorn configuration file (optional)" + "displayName": "Application Configuration File Path", + "description": "Relative path to Gunicorn configuration file (optional)." }, { "name": "DJANGO_SECRET_KEY", - "displayName": "Djange secret key", - "description": "Set this to a long random string", + "displayName": "Djange Secret Key", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" } diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django.json index 1ddc9e088..a36678ba6 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/django.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "django-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "django-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "django-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "django-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -116,7 +116,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "django-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -135,7 +135,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "django-example:latest" + "name": "${NAME}:latest" } } }, @@ -145,13 +145,13 @@ ], "replicas": 1, "selector": { - "name": "django-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "django-example", + "name": "${NAME}", "labels": { - "name": "django-example" + "name": "${NAME}" } }, "spec": { @@ -224,74 +224,77 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "django-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/django-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application hostname", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Django service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name" + "displayName": "Database Service Name" }, { "name": "DATABASE_ENGINE", - "displayName": "Database engine", - "description": "Database engine: postgresql, mysql or sqlite (default)" + "displayName": "Database Engine", + "description": "Database engine: postgresql, mysql or sqlite (default)." }, { "name": "DATABASE_NAME", - "displayName": "Database name", - "description": "Database name" + "displayName": "Database Name" }, { "name": "DATABASE_USER", - "displayName": "Database user name", - "description": "Database user name" + "displayName": "Database Username" }, { "name": "DATABASE_PASSWORD", - "displayName": "Database user password", - "description": "Database user password" + "displayName": "Database User Password" }, { "name": "APP_CONFIG", - "displayName": "Application configuration file path", - "description": "Relative path to Gunicorn configuration file (optional)" + "displayName": "Application Configuration File Path", + "description": "Relative path to Gunicorn configuration file (optional)." }, { "name": "DJANGO_SECRET_KEY", - "displayName": "Djange secret key", - "description": "Set this to a long random string", + "displayName": "Django Secret Key", + "description": "Set this to a long random string.", "generate": "expression", "from": "[\\w]{50}" } diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-ephemeral-template.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-ephemeral-template.json index 024d7bfef..bbe6713ff 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-ephemeral-template.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-ephemeral-template.json @@ -103,6 +103,22 @@ { "name": "jenkins", "image": "${JENKINS_IMAGE}", + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, "env": [ { "name": "JENKINS_PASSWORD", diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-persistent-template.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-persistent-template.json index 4388350cb..d98e729d4 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-persistent-template.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/jenkins-persistent-template.json @@ -120,6 +120,22 @@ { "name": "jenkins", "image": "${JENKINS_IMAGE}", + "readinessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 3, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, + "livenessProbe": { + "timeoutSeconds": 3, + "initialDelaySeconds": 30, + "httpGet": { + "path": "/login", + "port": 8080 + } + }, "env": [ { "name": "JENKINS_PASSWORD", diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs-mongodb.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs-mongodb.json index d5a1be659..e352b15f3 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs-mongodb.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs-mongodb.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "nodejs-mongodb-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "nodejs-mongodb-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -119,7 +119,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -138,7 +138,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "nodejs-mongodb-example:latest" + "name": "${NAME}:latest" } } }, @@ -148,13 +148,13 @@ ], "replicas": 1, "selector": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "nodejs-mongodb-example", + "name": "${NAME}", "labels": { - "name": "nodejs-mongodb-example" + "name": "${NAME}" } }, "spec": { @@ -337,83 +337,88 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "nodejs-mongodb-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the Node.js container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Node.js container can use.", "value": "512Mi" }, { "name": "MEMORY_MONGODB_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the MongoDB container can use", + "displayName": "Memory Limit (MongoDB)", + "description": "Maximum amount of memory the MongoDB container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/nodejs-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application hostname", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "GENERIC_WEBHOOK_SECRET", - "displayName": "Generic webhook secret", - "description": "A secret string used to configure the Generic webhook", + "displayName": "Generic Webhook Secret", + "description": "A secret string used to configure the Generic webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name", + "displayName": "Database Service Name", "value": "mongodb" }, { "name": "DATABASE_USER", - "displayName": "MongoDB user name", - "description": "Username for MongoDB user that will be used for accessing the database", + "displayName": "MongoDB Username", + "description": "Username for MongoDB user that will be used for accessing the database.", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { "name": "DATABASE_PASSWORD", - "displayName": "MongoDB password", - "description": "Password for the MongoDB user", + "displayName": "MongoDB Password", + "description": "Password for the MongoDB user.", "generate": "expression", "from": "[a-zA-Z0-9]{16}" }, { "name": "DATABASE_NAME", - "displayName": "Database name", - "description": "Database name", + "displayName": "Database Name", "value": "sampledb" }, { "name": "DATABASE_ADMIN_PASSWORD", - "displayName": "Database administrator password", - "description": "Password for the database admin user", + "displayName": "Database Administrator Password", + "description": "Password for the database admin user.", "generate": "expression", "from": "[a-zA-Z0-9]{16}" } diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs.json index ef36a88bd..da16ec157 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/nodejs.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "nodejs-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "nodejs-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "nodejs-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "nodejs-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -119,7 +119,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -138,7 +138,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "nodejs-example:latest" + "name": "${NAME}:latest" } } }, @@ -148,13 +148,13 @@ ], "replicas": 1, "selector": { - "name": "nodejs-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "nodejs-example", + "name": "${NAME}", "labels": { - "name": "nodejs-example" + "name": "${NAME}" } }, "spec": { @@ -224,71 +224,76 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "nodejs-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/nodejs-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application hostname", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Node.js service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "GENERIC_WEBHOOK_SECRET", - "displayName": "Generic webhook secret", - "description": "A secret string used to configure the Generic webhook", + "displayName": "Generic Webhook Secret", + "description": "A secret string used to configure the Generic webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name" + "displayName": "Database Service Name" }, { "name": "MONGODB_USER", - "displayName": "MongoDB user name", - "description": "Username for MongoDB user that will be used for accessing the database" + "displayName": "MongoDB Username", + "description": "Username for MongoDB user that will be used for accessing the database." }, { "name": "MONGODB_PASSWORD", - "displayName": "MongoDB password", - "description": "Password for the MongoDB user" + "displayName": "MongoDB Password", + "description": "Password for the MongoDB user." }, { "name": "MONGODB_DATABASE", - "displayName": "Database name", - "description": "Database name" + "displayName": "Database Name" }, { "name": "MONGODB_ADMIN_PASSWORD", - "displayName": "Database administrator password", - "description": "Password for the database admin user" + "displayName": "Database Administrator Password", + "description": "Password for the database admin user." } ] } diff --git a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/rails-postgresql.json b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/rails-postgresql.json index 7599f70aa..99b6513f2 100644 --- a/roles/openshift_examples/files/examples/v1.2/quickstart-templates/rails-postgresql.json +++ b/roles/openshift_examples/files/examples/v1.2/quickstart-templates/rails-postgresql.json @@ -17,7 +17,7 @@ "kind": "Service", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Exposes and load balances the application pods" } @@ -31,7 +31,7 @@ } ], "selector": { - "name": "rails-postgresql-example" + "name": "${NAME}" } } }, @@ -39,13 +39,13 @@ "kind": "Route", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example" + "name": "${NAME}" }, "spec": { "host": "${APPLICATION_DOMAIN}", "to": { "kind": "Service", - "name": "rails-postgresql-example" + "name": "${NAME}" } } }, @@ -53,7 +53,7 @@ "kind": "ImageStream", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Keeps track of changes in the application image" } @@ -63,7 +63,7 @@ "kind": "BuildConfig", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to build the application" } @@ -90,7 +90,7 @@ "output": { "to": { "kind": "ImageStreamTag", - "name": "rails-postgresql-example:latest" + "name": "${NAME}:latest" } }, "triggers": [ @@ -116,7 +116,7 @@ "kind": "DeploymentConfig", "apiVersion": "v1", "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "annotations": { "description": "Defines how to deploy the application server" } @@ -131,7 +131,7 @@ "command": [ "./migrate-database.sh" ], - "containerName": "rails-postgresql-example" + "containerName": "${NAME}" } } } @@ -146,7 +146,7 @@ ], "from": { "kind": "ImageStreamTag", - "name": "rails-postgresql-example:latest" + "name": "${NAME}:latest" } } }, @@ -156,13 +156,13 @@ ], "replicas": 1, "selector": { - "name": "rails-postgresql-example" + "name": "${NAME}" }, "template": { "metadata": { - "name": "rails-postgresql-example", + "name": "${NAME}", "labels": { - "name": "rails-postgresql-example" + "name": "${NAME}" } }, "spec": { @@ -373,107 +373,108 @@ ], "parameters": [ { + "name": "NAME", + "displayName": "Name", + "description": "The name assigned to all of the frontend objects defined in this template.", + "required": true, + "value": "rails-postgresql-example" + }, + { "name": "MEMORY_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the Rails container can use", + "displayName": "Memory Limit", + "description": "Maximum amount of memory the Rails container can use.", "value": "512Mi" }, { "name": "MEMORY_POSTGRESQL_LIMIT", - "displayName": "Memory limit", - "description": "Maximum amount of memory the PostgreSQL container can use", + "displayName": "Memory Limit (PostgreSQL)", + "description": "Maximum amount of memory the PostgreSQL container can use.", "value": "512Mi" }, { "name": "SOURCE_REPOSITORY_URL", - "displayName": "Source repository URL", - "description": "The URL of the repository with your application source code", + "displayName": "Git Repository URL", + "description": "The URL of the repository with your application source code.", "value": "https://github.com/openshift/rails-ex.git" }, { "name": "SOURCE_REPOSITORY_REF", - "displayName": "Source repository reference", - "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch" + "displayName": "Git Reference", + "description": "Set this to a branch name, tag or other ref of your repository if you are not using the default branch." }, { "name": "CONTEXT_DIR", - "displayName": "Context directory", - "description": "Set this to the relative path to your project if it is not in the root of your repository" + "displayName": "Context Directory", + "description": "Set this to the relative path to your project if it is not in the root of your repository." }, { "name": "APPLICATION_DOMAIN", - "displayName": "Application hostname", + "displayName": "Application Hostname", "description": "The exposed hostname that will route to the Rails service, if left blank a value will be defaulted.", "value": "" }, { "name": "GITHUB_WEBHOOK_SECRET", - "displayName": "GitHub webhook secret", - "description": "A secret string used to configure the GitHub webhook", + "displayName": "GitHub Webhook Secret", + "description": "A secret string used to configure the GitHub webhook.", "generate": "expression", "from": "[a-zA-Z0-9]{40}" }, { "name": "SECRET_KEY_BASE", - "displayName": "Secret key", - "description": "Your secret key for verifying the integrity of signed cookies", + "displayName": "Secret Key", + "description": "Your secret key for verifying the integrity of signed cookies.", "generate": "expression", "from": "[a-z0-9]{127}" }, { "name": "APPLICATION_USER", - "displayName": "Application user name", - "description": "The application user that is used within the sample application to authorize access on pages", + "displayName": "Application Username", + "description": "The application user that is used within the sample application to authorize access on pages.", "value": "openshift" }, { "name": "APPLICATION_PASSWORD", - "displayName": "Application password", - "description": "The application password that is used within the sample application to authorize access on pages", + "displayName": "Application Password", + "description": "The application password that is used within the sample application to authorize access on pages.", "value": "secret" }, { "name": "RAILS_ENV", - "displayName": "Rails environment", - "description": "Environment under which the sample application will run. Could be set to production, development or test", + "displayName": "Rails Environment", + "description": "Environment under which the sample application will run. Could be set to production, development or test.", "value": "production" }, { "name": "DATABASE_SERVICE_NAME", - "displayName": "Database service name", - "description": "Database service name", + "displayName": "Database Service Name", "value": "postgresql" }, { "name": "DATABASE_USER", - "displayName": "Database user name", - "description": "database username", + "displayName": "Database Username", "generate": "expression", "from": "user[A-Z0-9]{3}" }, { "name": "DATABASE_PASSWORD", - "displayName": "Database password", - "description": "database password", + "displayName": "Database Password", "generate": "expression", "from": "[a-zA-Z0-9]{8}" }, { "name": "DATABASE_NAME", - "displayName": "Database name", - "description": "database name", + "displayName": "Database Name", "value": "root" }, { "name": "POSTGRESQL_MAX_CONNECTIONS", - "displayName": "Maximum database connections", - "description": "database max connections", + "displayName": "Maximum Database Connections", "value": "100" }, { "name": "POSTGRESQL_SHARED_BUFFERS", - "displayName": "Shared buffer amount", - "description": "database shared buffers", + "displayName": "Shared Buffer Amount", "value": "12MB" } ] diff --git a/roles/openshift_facts/library/openshift_facts.py b/roles/openshift_facts/library/openshift_facts.py index 596e4f894..30e29787a 100755 --- a/roles/openshift_facts/library/openshift_facts.py +++ b/roles/openshift_facts/library/openshift_facts.py @@ -27,6 +27,42 @@ from distutils.version import LooseVersion import struct import socket + +def migrate_docker_facts(facts): + """ Apply migrations for docker facts """ + params = { + 'common': ( + 'additional_registries', + 'insecure_registries', + 'blocked_registries', + 'options' + ), + 'node': ( + 'log_driver', + 'log_options' + ) + } + if 'docker' not in facts: + facts['docker'] = {} + for role in params.keys(): + if role in facts: + for param in params[role]: + old_param = 'docker_' + param + if old_param in facts[role]: + facts['docker'][param] = facts[role].pop(old_param) + + if 'node' in facts and 'portal_net' in facts['node']: + facts['docker']['hosted_registry_insecure'] = True + facts['docker']['hosted_registry_network'] = facts['node'].pop('portal_net') + return facts + +def migrate_local_facts(facts): + """ Apply migrations of local facts """ + migrated_facts = copy.deepcopy(facts) + return migrate_docker_facts(migrated_facts) + + + def first_ip(network): """ Return the first IPv4 address in network @@ -296,6 +332,11 @@ def normalize_provider_facts(provider, metadata): facts = dict(name=provider, metadata=metadata, network=dict(interfaces=[], ipv6_enabled=False)) + if os.path.exists('/etc/cloud.conf'): + for arg in ('api_server_args', 'controller_args', 'kubelet_args'): + facts[arg] = {'cloud-provider': [provider], + 'cloud-config': ['/etc/cloud.conf']} + if provider == 'gce': facts = normalize_gce_facts(metadata, facts) elif provider == 'ec2': @@ -657,18 +698,13 @@ def set_deployment_facts_if_unset(facts): data_dir = '/var/lib/openshift' facts['common']['data_dir'] = data_dir - # remove duplicate and empty strings from registry lists - for cat in ['additional', 'blocked', 'insecure']: - key = 'docker_{0}_registries'.format(cat) - if key in facts['common']: - facts['common'][key] = list(set(facts['common'][key]) - set([''])) - - + if 'docker' in facts: + deployment_type = facts['common']['deployment_type'] if deployment_type in ['enterprise', 'atomic-enterprise', 'openshift-enterprise']: - addtl_regs = facts['common'].get('docker_additional_registries', []) + addtl_regs = facts['docker'].get('additional_registries', []) ent_reg = 'registry.access.redhat.com' if ent_reg not in addtl_regs: - facts['common']['docker_additional_registries'] = addtl_regs + [ent_reg] + facts['docker']['additional_registries'] = addtl_regs + [ent_reg] for role in ('master', 'node'): if role in facts: @@ -775,7 +811,7 @@ def set_sdn_facts_if_unset(facts, system_facts): if 'common' in facts: use_sdn = facts['common']['use_openshift_sdn'] if not (use_sdn == '' or isinstance(use_sdn, bool)): - use_sdn = bool(strtobool(str(use_sdn))) + use_sdn = safe_get_bool(use_sdn) facts['common']['use_openshift_sdn'] = use_sdn if 'sdn_network_plugin_name' not in facts['common']: plugin = 'redhat/openshift-ovs-subnet' if use_sdn else '' @@ -904,7 +940,7 @@ def get_openshift_version(facts, cli_image=None): _, output, _ = module.run_command(['/usr/bin/openshift', 'version']) version = parse_openshift_version(output) - if 'is_containerized' in facts['common'] and facts['common']['is_containerized']: + if 'is_containerized' in facts['common'] and safe_get_bool(facts['common']['is_containerized']): container = None if 'master' in facts: if 'cluster_method' in facts['master']: @@ -1032,7 +1068,7 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw # ha (bool) can not change unless it has been passed # as a protected fact to overwrite. if key == 'ha': - if bool(value) != bool(new[key]): + if safe_get_bool(value) != safe_get_bool(new[key]): module.fail_json(msg='openshift_facts received a different value for openshift.master.ha') else: facts[key] = value @@ -1049,6 +1085,30 @@ def merge_facts(orig, new, additive_facts_to_overwrite, protected_facts_to_overw return facts +def merge_provider_facts(facts): + """ Recursively merge provider facts dicts + + Args: + facts (dict): existing facts + Returns: + dict: the facts dict updated with the provider config + """ + if 'provider' not in facts: + return facts + if 'master' in facts: + for arg in ('api_server_args', 'controller_args'): + facts['master'][arg] = merge_facts( + facts['provider'].get(arg, {}), + facts['master'].get(arg, {}), + [], []) + if 'node' in facts: + facts['node']['kubelet_args'] = merge_facts( + facts['provider'].get('kubelet_args', {}), + facts['node'].get('kubelet_args', {}), + [], []) + return facts + + def save_local_facts(filename, facts): """ Save local facts @@ -1097,6 +1157,15 @@ def get_local_facts_from_file(filename): return local_facts +def safe_get_bool(fact): + """ Get a boolean fact safely. + + Args: + facts: fact to convert + Returns: + bool: given fact as a bool + """ + return bool(strtobool(str(fact))) def set_container_facts_if_unset(facts): """ Set containerized facts. @@ -1142,7 +1211,7 @@ def set_container_facts_if_unset(facts): if 'ovs_image' not in facts['node']: facts['node']['ovs_image'] = ovs_image - if bool(strtobool(str(facts['common']['is_containerized']))): + if safe_get_bool(facts['common']['is_containerized']): facts['common']['admin_binary'] = '/usr/local/bin/oadm' facts['common']['client_binary'] = '/usr/local/bin/oc' base_version = get_openshift_version(facts, cli_image).split('-')[0] @@ -1212,7 +1281,7 @@ class OpenShiftFacts(object): Raises: OpenShiftFactsUnsupportedRoleError: """ - known_roles = ['common', 'master', 'node', 'etcd', 'hosted'] + known_roles = ['common', 'master', 'node', 'etcd', 'hosted', 'docker'] # Disabling too-many-arguments, this should be cleaned up as a TODO item. # pylint: disable=too-many-arguments @@ -1256,13 +1325,20 @@ class OpenShiftFacts(object): protected_facts_to_overwrite) roles = local_facts.keys() - defaults = self.get_defaults(roles) + + if 'common' in local_facts and 'deployment_type' in local_facts['common']: + deployment_type = local_facts['common']['deployment_type'] + else: + deployment_type = 'origin' + + defaults = self.get_defaults(roles, deployment_type) provider_facts = self.init_provider_facts() facts = apply_provider_facts(defaults, provider_facts) facts = merge_facts(facts, local_facts, additive_facts_to_overwrite, protected_facts_to_overwrite) + facts = merge_provider_facts(facts) facts['current_config'] = get_current_config(facts) facts = set_url_facts_if_unset(facts) facts = set_project_cfg_facts_if_unset(facts) @@ -1279,11 +1355,11 @@ class OpenShiftFacts(object): facts = set_aggregate_facts(facts) facts = set_etcd_facts_if_unset(facts) facts = set_container_facts_if_unset(facts) - if not facts['common']['is_containerized']: + if not safe_get_bool(facts['common']['is_containerized']): facts = set_installed_variant_rpm_facts(facts) return dict(openshift=facts) - def get_defaults(self, roles): + def get_defaults(self, roles, deployment_type): """ Get default fact values Args: @@ -1292,8 +1368,7 @@ class OpenShiftFacts(object): Returns: dict: The generated default facts """ - defaults = dict() - + defaults = {} ip_addr = self.system_facts['default_ipv4']['address'] exit_code, output, _ = module.run_command(['hostname', '-f']) hostname_f = output.strip() if exit_code == 0 else '' @@ -1301,33 +1376,42 @@ class OpenShiftFacts(object): self.system_facts['fqdn']] hostname = choose_hostname(hostname_values, ip_addr) - common = dict(use_openshift_sdn=True, ip=ip_addr, public_ip=ip_addr, - deployment_type='origin', hostname=hostname, - public_hostname=hostname) - common['client_binary'] = 'oc' - common['admin_binary'] = 'oadm' - common['dns_domain'] = 'cluster.local' - common['install_examples'] = True - defaults['common'] = common + defaults['common'] = dict(use_openshift_sdn=True, ip=ip_addr, + public_ip=ip_addr, + deployment_type=deployment_type, + hostname=hostname, + public_hostname=hostname, + client_binary='oc', admin_binary='oadm', + dns_domain='cluster.local', + install_examples=True, + debug_level=2) if 'master' in roles: - master = dict(api_use_ssl=True, api_port='8443', controllers_port='8444', - console_use_ssl=True, console_path='/console', - console_port='8443', etcd_use_ssl=True, etcd_hosts='', - etcd_port='4001', portal_net='172.30.0.0/16', - embedded_etcd=True, embedded_kube=True, - embedded_dns=True, dns_port='53', - bind_addr='0.0.0.0', session_max_seconds=3600, - session_name='ssn', session_secrets_file='', - access_token_max_seconds=86400, - auth_token_max_seconds=500, - oauth_grant_method='auto') - defaults['master'] = master + defaults['master'] = dict(api_use_ssl=True, api_port='8443', + controllers_port='8444', + console_use_ssl=True, + console_path='/console', + console_port='8443', etcd_use_ssl=True, + etcd_hosts='', etcd_port='4001', + portal_net='172.30.0.0/16', + embedded_etcd=True, embedded_kube=True, + embedded_dns=True, dns_port='53', + bind_addr='0.0.0.0', + session_max_seconds=3600, + session_name='ssn', + session_secrets_file='', + access_token_max_seconds=86400, + auth_token_max_seconds=500, + oauth_grant_method='auto') if 'node' in roles: - node = dict(labels={}, annotations={}, portal_net='172.30.0.0/16', - iptables_sync_period='5s', set_node_ip=False) - defaults['node'] = node + defaults['node'] = dict(labels={}, annotations={}, + iptables_sync_period='5s', + local_quota_per_fsgroup="", + set_node_ip=False) + + if 'docker' in roles: + defaults['docker'] = dict(disable_push_dockerhub=False) defaults['hosted'] = dict( registry=dict( @@ -1347,6 +1431,7 @@ class OpenShiftFacts(object): ) ) + return defaults def guess_host_provider(self): @@ -1430,7 +1515,7 @@ class OpenShiftFacts(object): additive_facts_to_overwrite=None, openshift_env=None, protected_facts_to_overwrite=None): - """ Initialize the provider facts + """ Initialize the local facts Args: facts (dict): local facts to set @@ -1472,15 +1557,23 @@ class OpenShiftFacts(object): local_facts = get_local_facts_from_file(self.filename) - for arg in ['labels', 'annotations']: - if arg in facts_to_set and isinstance(facts_to_set[arg], - basestring): - facts_to_set[arg] = module.from_json(facts_to_set[arg]) + migrated_facts = migrate_local_facts(local_facts) - new_local_facts = merge_facts(local_facts, + new_local_facts = merge_facts(migrated_facts, facts_to_set, additive_facts_to_overwrite, protected_facts_to_overwrite) + + if 'docker' in new_local_facts: + # remove duplicate and empty strings from registry lists + for cat in ['additional', 'blocked', 'insecure']: + key = '{0}_registries'.format(cat) + if key in new_local_facts['docker']: + val = new_local_facts['docker'][key] + if isinstance(val, basestring): + val = [x.strip() for x in val.split(',')] + new_local_facts['docker'][key] = list(set(val) - set([''])) + for facts in new_local_facts.values(): keys_to_delete = [] if isinstance(facts, dict): diff --git a/roles/openshift_facts/tasks/main.yml b/roles/openshift_facts/tasks/main.yml index 0dbac1b54..50e7e5747 100644 --- a/roles/openshift_facts/tasks/main.yml +++ b/roles/openshift_facts/tasks/main.yml @@ -25,4 +25,11 @@ openshift_facts: role: common local_facts: + # TODO: Deprecate deployment_type in favor of openshift_deployment_type + deployment_type: "{{ openshift_deployment_type | default(deployment_type) }}" + cluster_id: "{{ openshift_cluster_id | default('default') }}" + hostname: "{{ openshift_hostname | default(None) }}" + ip: "{{ openshift_ip | default(None) }}" is_containerized: "{{ containerized | default(None) }}" + public_hostname: "{{ openshift_public_hostname | default(None) }}" + public_ip: "{{ openshift_public_ip | default(None) }}" diff --git a/roles/openshift_hosted_logging/README.md b/roles/openshift_hosted_logging/README.md new file mode 100644 index 000000000..b3f363571 --- /dev/null +++ b/roles/openshift_hosted_logging/README.md @@ -0,0 +1,10 @@ +###Required vars: + +- openshift_hosted_logging_hostname: kibana.example.com +- openshift_hosted_logging_elasticsearch_cluster_size: 1 +- openshift_hosted_logging_master_public_url: https://localhost:8443 + +###Optional vars: +- openshift_hosted_logging_secret_vars: (defaults to nothing=/dev/null) kibana.crt=/etc/origin/master/ca.crt kibana.key=/etc/origin/master/ca.key ca.crt=/etc/origin/master/ca.crt ca.key=/etc/origin/master/ca.key +- openshift_hosted_logging_fluentd_replicas: (defaults to 1) 3 +- openshift_hosted_logging_cleanup: (defaults to no) Set this to 'yes' in order to cleanup logging components instead of deploying. diff --git a/roles/openshift_hosted_logging/files/logging-deployer-sa.yaml b/roles/openshift_hosted_logging/files/logging-deployer-sa.yaml new file mode 100644 index 000000000..334c9402b --- /dev/null +++ b/roles/openshift_hosted_logging/files/logging-deployer-sa.yaml @@ -0,0 +1,6 @@ +apiVersion: v1 +kind: ServiceAccount +metadata: + name: logging-deployer +secrets: +- name: logging-deployer diff --git a/roles/openshift_hosted_logging/meta/main.yaml b/roles/openshift_hosted_logging/meta/main.yaml new file mode 100644 index 000000000..b695bde87 --- /dev/null +++ b/roles/openshift_hosted_logging/meta/main.yaml @@ -0,0 +1,3 @@ +--- +dependencies: + - { role: openshift_common } diff --git a/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml b/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml new file mode 100644 index 000000000..8331f0389 --- /dev/null +++ b/roles/openshift_hosted_logging/tasks/cleanup_logging.yaml @@ -0,0 +1,59 @@ +--- + - name: Create temp directory for kubeconfig + command: mktemp -d /tmp/openshift-ansible-XXXXXX + register: mktemp + changed_when: False + + - name: Copy the admin client config(s) + command: > + cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig + changed_when: False + + - name: "Checking for logging project" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get project logging" + register: logging_project + failed_when: "'FAILED' in logging_project.stderr" + + - name: "Changing projects" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig project logging" + + + - name: "Cleanup any previous logging infrastructure" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found all --selector logging-infra={{ item }}" + with_items: + - kibana + - fluentd + - elasticsearch + ignore_errors: yes + + - name: "Cleanup existing support infrastructure" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete --ignore-not-found all,sa,oauthclient --selector logging-infra=support" + ignore_errors: yes + + - name: "Cleanup existing secrets" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete secret logging-fluentd logging-elasticsearch logging-es-proxy logging-kibana logging-kibana-proxy logging-kibana-ops-proxy" + ignore_errors: yes + register: clean_result + failed_when: clean_result.rc == 1 and 'not found' not in clean_result.stderr + + - name: "Cleanup existing logging deployers" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete pods --all" + + + - name: "Cleanup logging project" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete project logging" + + + - name: "Remove deployer template" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig delete template logging-deployer-template -n openshift" + register: delete_ouput + failed_when: delete_ouput.rc == 1 and 'exists' not in delete_ouput.stderr + + + - name: Delete temp directory + file: + name: "{{ mktemp.stdout }}" + state: absent + changed_when: False + + - debug: msg="Success!" diff --git a/roles/openshift_hosted_logging/tasks/deploy_logging.yaml b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml new file mode 100644 index 000000000..d8a5b62a0 --- /dev/null +++ b/roles/openshift_hosted_logging/tasks/deploy_logging.yaml @@ -0,0 +1,105 @@ +--- + - fail: msg="This role requires the following vars to be defined. openshift_hosted_logging_master_public_url, openshift_hosted_logging_hostname, openshift_hosted_logging_elasticsearch_cluster_size" + when: "openshift_hosted_logging_hostname is not defined or + openshift_hosted_logging_elasticsearch_cluster_size is not defined or + openshift_hosted_logging_master_public_url is not defined" + + - name: Create temp directory for kubeconfig + command: mktemp -d /tmp/openshift-ansible-XXXXXX + register: mktemp + changed_when: False + + - name: Copy the admin client config(s) + command: > + cp {{ openshift_master_config_dir }}/admin.kubeconfig {{ mktemp.stdout }}/admin.kubeconfig + changed_when: False + + - name: "Create logging project" + command: {{ openshift.common.admin_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig new-project logging + + - name: "Changing projects" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig project logging" + + - name: "Creating logging deployer secret" + command: " {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig secrets new logging-deployer {{ openshift_hosted_logging_secret_vars | default('nothing=/dev/null') }}" + register: secret_output + failed_when: "secret_output.rc == 1 and 'exists' not in secret_output.stderr" + + - name: "Copy serviceAccount file" + copy: dest=/tmp/logging-deployer-sa.yaml + src={{role_path}}/files/logging-deployer-sa.yaml + force=yes + + - name: "Create logging-deployer service account" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f /tmp/logging-deployer-sa.yaml" + register: deployer_output + failed_when: "deployer_output.rc == 1 and 'exists' not in deployer_output.stderr" + + - name: "Set permissions for logging-deployer service account" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig policy add-role-to-user edit system:serviceaccount:logging:logging-deployer" + register: permiss_output + failed_when: "permiss_output.rc == 1 and 'exists' not in permiss_output.stderr" + + - name: "Set permissions for fluentd" + command: {{ openshift.common.admin_binary}} policy add-scc-to-user privileged system:serviceaccount:logging:aggregated-logging-fluentd + register: fluentd_output + failed_when: "fluentd_output.rc == 1 and 'exists' not in fluentd_output.stderr" + + - name: "Set additional permissions for fluentd" + command: {{ openshift.common.admin_binary}} policy add-cluster-role-to-user cluster-reader system:serviceaccount:logging:aggregated-logging-fluentd + register: fluentd2_output + failed_when: "fluentd2_output.rc == 1 and 'exists' not in fluentd2_output.stderr" + + - name: "Create deployer template" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f /usr/share/openshift/examples/infrastructure-templates/enterprise/logging-deployer.yaml -n openshift" + register: template_output + failed_when: "template_output.rc == 1 and 'exists' not in template_output.stderr" + + - name: "Process the deployer template" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig process logging-deployer-template -n openshift -v {{ oc_process_values }} | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f -" + + - name: "Wait for image pull and deployer pod" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get pods | grep logging-deployer.*Completed" + register: result + until: result.rc == 0 + retries: 15 + delay: 10 + + - name: "Process support template" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig process logging-support-template | {{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig create -f -" + + - name: "Set insecured registry" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig annotate is --all openshift.io/image.insecureRepository=true --overwrite" + when: "target_registry is defined and insecure_registry == 'true'" + + - name: "Wait for imagestreams to become available" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get is | grep logging-fluentd" + register: result + until: result.rc == 0 + failed_when: result.rc == 1 and 'not found' not in result.stderr + retries: 20 + delay: 10 + + - name: "Wait for replication controllers to become available" + shell: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig get rc | grep logging-fluentd-1" + register: result + until: result.rc == 0 + failed_when: result.rc == 1 and 'not found' not in result.stderr + retries: 20 + delay: 10 + + + - name: "Scale fluentd deployment config" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig scale dc/logging-fluentd --replicas={{ fluentd_replicas | default('1') }}" + + + - name: "Scale fluentd replication controller" + command: "{{ openshift.common.client_binary }} --config={{ mktemp.stdout }}/admin.kubeconfig scale rc/logging-fluentd-1 --replicas={{ fluentd_replicas | default('1') }}" + + - debug: msg="Logging components deployed. Note persistant volume for elasticsearch must be setup manually" + + - name: Delete temp directory + file: + name: "{{ mktemp.stdout }}" + state: absent + changed_when: False diff --git a/roles/openshift_hosted_logging/tasks/main.yaml b/roles/openshift_hosted_logging/tasks/main.yaml new file mode 100644 index 000000000..42568597a --- /dev/null +++ b/roles/openshift_hosted_logging/tasks/main.yaml @@ -0,0 +1,8 @@ +--- +- name: Cleanup logging deployment + include: "{{ role_path }}/tasks/cleanup_logging.yaml" + when: openshift_hosted_logging_cleanup | default(false) | bool + +- name: Deploy logging + include: "{{ role_path }}/tasks/deploy_logging.yaml" + when: not openshift_hosted_logging_cleanup | default(false) | bool diff --git a/roles/openshift_hosted_logging/vars/main.yaml b/roles/openshift_hosted_logging/vars/main.yaml new file mode 100644 index 000000000..586c2ab91 --- /dev/null +++ b/roles/openshift_hosted_logging/vars/main.yaml @@ -0,0 +1,6 @@ +kh_kv: "KIBANA_HOSTNAME={{ openshift_hosted_logging_hostname | quote }}" +es_cs_kv: "ES_CLUSTER_SIZE={{ openshift_hosted_logging_elasticsearch_cluster_size | quote }}" +pmu_kv: "PUBLIC_MASTER_URL={{ openshift_hosted_logging_master_public_url | quote }}" +ip_kv: "{{ 'IMAGE_PREFIX=' ~ target_registry | quote if target_registry is defined else '' }}" +oc_process_values: "{{ kh_kv }},{{ es_cs_kv }},{{ pmu_kv }},{{ ip_kv }}" +openshift_master_config_dir: "{{ openshift.common.config_base }}/master" diff --git a/roles/openshift_manageiq/tasks/main.yaml b/roles/openshift_manageiq/tasks/main.yaml index d2ff1b4b7..2a651df65 100644 --- a/roles/openshift_manageiq/tasks/main.yaml +++ b/roles/openshift_manageiq/tasks/main.yaml @@ -18,7 +18,7 @@ failed_when: "'already exists' not in osmiq_create_mi_project.stderr and osmiq_create_mi_project.rc != 0" changed_when: osmiq_create_mi_project.rc == 0 -- name: Create Service Account +- name: Create Admin Service Account shell: > echo {{ manageiq_service_account | to_json | quote }} | {{ openshift.common.client_binary }} create @@ -29,6 +29,17 @@ failed_when: "'already exists' not in osmiq_create_service_account.stderr and osmiq_create_service_account.rc != 0" changed_when: osmiq_create_service_account.rc == 0 +- name: Create Image Inspector Service Account + shell: > + echo {{ manageiq_image_inspector_service_account | to_json | quote }} | + {{ openshift.common.client_binary }} create + -n management-infra + --config={{manage_iq_tmp_conf}} + -f - + register: osmiq_create_service_account + failed_when: "'already exists' not in osmiq_create_service_account.stderr and osmiq_create_service_account.rc != 0" + changed_when: osmiq_create_service_account.rc == 0 + - name: Create Cluster Role shell: > echo {{ manageiq_cluster_role | to_json | quote }} | diff --git a/roles/openshift_manageiq/vars/main.yml b/roles/openshift_manageiq/vars/main.yml index 77e1c304b..69ee2cb4c 100644 --- a/roles/openshift_manageiq/vars/main.yml +++ b/roles/openshift_manageiq/vars/main.yml @@ -15,6 +15,12 @@ manageiq_service_account: metadata: name: management-admin +manageiq_image_inspector_service_account: + apiVersion: v1 + kind: ServiceAccount + metadata: + name: inspector-admin + manage_iq_tmp_conf: /tmp/manageiq_admin.kubeconfig manage_iq_tasks: @@ -22,3 +28,5 @@ manage_iq_tasks: - policy add-role-to-user -n management-infra management-infra-admin -z management-admin - policy add-cluster-role-to-user cluster-reader system:serviceaccount:management-infra:management-admin - policy add-scc-to-user privileged system:serviceaccount:management-infra:management-admin + - policy add-cluster-role-to-user system:image-puller system:serviceaccount:management-infra:inspector-admin + - policy add-scc-to-user privileged system:serviceaccount:management-infra:inspector-admin diff --git a/roles/openshift_master/handlers/main.yml b/roles/openshift_master/handlers/main.yml index 4d1216aae..e5b9e4977 100644 --- a/roles/openshift_master/handlers/main.yml +++ b/roles/openshift_master/handlers/main.yml @@ -17,7 +17,8 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl -k --silent {{ openshift.master.api_url }}/healthz/ready + curl --silent --cacert {{ openshift.common.config_base }}/master/ca.crt + {{ openshift.master.api_url }}/healthz/ready register: api_available_output until: api_available_output.stdout == 'ok' retries: 120 diff --git a/roles/openshift_master/meta/main.yml b/roles/openshift_master/meta/main.yml index 8db99fc2a..4eda4a8e2 100644 --- a/roles/openshift_master/meta/main.yml +++ b/roles/openshift_master/meta/main.yml @@ -12,5 +12,4 @@ galaxy_info: categories: - cloud dependencies: -- { role: openshift_common } -- { role: openshift_cli } +- role: openshift_cli diff --git a/roles/openshift_master/tasks/main.yml b/roles/openshift_master/tasks/main.yml index 759cda7d0..9c3d09d09 100644 --- a/roles/openshift_master/tasks/main.yml +++ b/roles/openshift_master/tasks/main.yml @@ -282,7 +282,8 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl -k --silent {{ openshift.master.api_url }}/healthz/ready + curl --silent --cacert {{ openshift.common.config_base }}/master/ca.crt + {{ openshift.master.api_url }}/healthz/ready register: api_available_output until: api_available_output.stdout == 'ok' retries: 120 @@ -319,6 +320,9 @@ changed_when: false register: _ansible_ssh_user_gid +- set_fact: + client_users: "{{ [ansible_ssh_user, 'root'] | unique }}" + - name: Create the client config dir(s) file: path: "~{{ item }}/.kube" @@ -326,9 +330,7 @@ mode: 0700 owner: "{{ item }}" group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" - with_items: - - root - - "{{ ansible_ssh_user }}" + with_items: client_users # TODO: Update this file if the contents of the source file are not present in # the dest file, will need to make sure to ignore things that could be added @@ -336,9 +338,7 @@ command: cp {{ openshift_master_config_dir }}/admin.kubeconfig ~{{ item }}/.kube/config args: creates: ~{{ item }}/.kube/config - with_items: - - root - - "{{ ansible_ssh_user }}" + with_items: client_users - name: Update the permissions on the admin client config(s) file: @@ -347,6 +347,4 @@ mode: 0700 owner: "{{ item }}" group: "{{ 'root' if item == 'root' else _ansible_ssh_user_gid.stdout }}" - with_items: - - root - - "{{ ansible_ssh_user }}" + with_items: client_users diff --git a/roles/openshift_master/templates/atomic-openshift-master.j2 b/roles/openshift_master/templates/atomic-openshift-master.j2 index 8602a492e..c848e0ac2 100644 --- a/roles/openshift_master/templates/atomic-openshift-master.j2 +++ b/roles/openshift_master/templates/atomic-openshift-master.j2 @@ -1,6 +1,6 @@ OPTIONS=--loglevel={{ openshift.master.debug_level }} CONFIG_FILE={{ openshift_master_config_file }} -{% if openshift.common.is_containerized %} +{% if openshift.common.is_containerized | bool %} IMAGE_VERSION={{ openshift_version }} {% endif %} diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 index 9c1f5a300..6a21a04ab 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-api.service.j2 @@ -1,24 +1,24 @@ [Unit] Description=Atomic OpenShift Master API Documentation=https://github.com/openshift/origin -After=network.target -After=etcd.service +After=etcd_container.service +Wants=etcd_container.service Before={{ openshift.common.service_type }}-node.service -Requires=network.target -Requires=docker.service +After=docker.service PartOf=docker.service +Requires=docker.service [Service] EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-api Environment=GOTRACEBACK=crash ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-api -ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api --config=${CONFIG_FILE} $OPTIONS +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-api --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-api -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master api --config=${CONFIG_FILE} $OPTIONS ExecStartPost=/usr/bin/sleep 10 ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-api LimitNOFILE=131072 LimitCORE=infinity WorkingDirectory={{ openshift.common.data_dir }} -SyslogIdentifier=atomic-openshift-master-api +SyslogIdentifier={{ openshift.common.service_type }}-master-api Restart=always [Install] diff --git a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 index 915c0cb8c..69f68d843 100644 --- a/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 +++ b/roles/openshift_master/templates/docker-cluster/atomic-openshift-master-controllers.service.j2 @@ -1,9 +1,9 @@ [Unit] Description=Atomic OpenShift Master Controllers Documentation=https://github.com/openshift/origin -After=network.target +Wants={{ openshift.common.service_type }}-master-api.service After={{ openshift.common.service_type }}-master-api.service -Before={{ openshift.common.service_type }}-node.service +After=docker.service Requires=docker.service PartOf=docker.service @@ -11,7 +11,7 @@ PartOf=docker.service EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers Environment=GOTRACEBACK=crash ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type}}-master-controllers -ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers --config=${CONFIG_FILE} $OPTIONS +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master-controllers --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master-controllers -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master controllers --config=${CONFIG_FILE} $OPTIONS ExecStartPost=/usr/bin/sleep 10 ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master-controllers LimitNOFILE=131072 @@ -22,4 +22,3 @@ Restart=on-failure [Install] WantedBy=multi-user.target -WantedBy={{ openshift.common.service_type }}-node.service diff --git a/roles/openshift_master/templates/docker/master.docker.service.j2 b/roles/openshift_master/templates/docker/master.docker.service.j2 index f88262567..b714fdeb7 100644 --- a/roles/openshift_master/templates/docker/master.docker.service.j2 +++ b/roles/openshift_master/templates/docker/master.docker.service.j2 @@ -1,13 +1,14 @@ [Unit] After=docker.service -Before={{ openshift.common.service_type }}-node.service Requires=docker.service PartOf=docker.service +After=etcd_container.service +Wants=etcd_container.service [Service] EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-master ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-master -ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master --config=${CONFIG_FILE} $OPTIONS +ExecStart=/usr/bin/docker run --rm --privileged --net=host --name {{ openshift.common.service_type }}-master --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-master -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v /var/run/docker.sock:/var/run/docker.sock -v {{ openshift.common.config_base }}:{{ openshift.common.config_base }} {{ openshift.master.master_image }}:${IMAGE_VERSION} start master --config=${CONFIG_FILE} $OPTIONS ExecStartPost=/usr/bin/sleep 10 ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-master Restart=always diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 index f953de404..8e2d927aa 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.j2 @@ -1,6 +1,6 @@ OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen={{ 'https' if openshift.master.api_use_ssl else 'http' }}://{{ openshift.master.bind_addr }}:{{ openshift.master.api_port }} --master={{ openshift.master.loopback_api_url }} CONFIG_FILE={{ openshift_master_config_file }} -{% if openshift.common.is_containerized %} +{% if openshift.common.is_containerized | bool %} IMAGE_VERSION={{ openshift_version }} {% endif %} diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 index ba19fb348..e61418eb6 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-api.service.j2 @@ -1,10 +1,10 @@ [Unit] Description=Atomic OpenShift Master API Documentation=https://github.com/openshift/origin -After=network.target +After=network-online.target After=etcd.service Before={{ openshift.common.service_type }}-node.service -Requires=network.target +Requires=network-online.target [Service] Type=notify diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 index 30da9d396..5c6cb2dcb 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.j2 @@ -1,6 +1,6 @@ OPTIONS=--loglevel={{ openshift.master.debug_level }} --listen={{ 'https' if openshift.master.api_use_ssl else 'http' }}://{{ openshift.master.bind_addr }}:{{ openshift.master.controllers_port }} CONFIG_FILE={{ openshift_master_config_file }} -{% if openshift.common.is_containerized %} +{% if openshift.common.is_containerized | bool %} IMAGE_VERSION={{ openshift_version }} {% endif %} diff --git a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 index b393bb9ff..ba4c1e0e8 100644 --- a/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 +++ b/roles/openshift_master/templates/native-cluster/atomic-openshift-master-controllers.service.j2 @@ -1,10 +1,10 @@ [Unit] Description=Atomic OpenShift Master Controllers Documentation=https://github.com/openshift/origin -After=network.target +After=network-online.target After={{ openshift.common.service_type }}-master-api.service -Before={{ openshift.common.service_type }}-node.service -Requires=network.target +Wants={{ openshift.common.service_type }}-master-api.service +Requires=network-online.target [Service] {% if openshift.common.version_gte_3_1_1_or_1_1_1 | bool %} @@ -23,4 +23,3 @@ Restart=on-failure [Install] WantedBy=multi-user.target -WantedBy={{ openshift.common.service_type }}-node.service diff --git a/roles/openshift_node/handlers/main.yml b/roles/openshift_node/handlers/main.yml index 3fec4b1dd..1a1dc8ede 100644 --- a/roles/openshift_node/handlers/main.yml +++ b/roles/openshift_node/handlers/main.yml @@ -3,8 +3,6 @@ service: name={{ openshift.common.service_type }}-node state=restarted when: not (node_service_status_changed | default(false) | bool) -- name: restart docker - service: name=docker state=restarted - - name: restart openvswitch service: name=openvswitch state=restarted + when: not (ovs_service_status_changed | default(false) | bool) diff --git a/roles/openshift_node/meta/main.yml b/roles/openshift_node/meta/main.yml index c92008a77..702012489 100644 --- a/roles/openshift_node/meta/main.yml +++ b/roles/openshift_node/meta/main.yml @@ -12,4 +12,5 @@ galaxy_info: categories: - cloud dependencies: -- { role: openshift_common } +- role: openshift_common +- role: openshift_docker diff --git a/roles/openshift_node/tasks/main.yml b/roles/openshift_node/tasks/main.yml index 2d3960cd8..ca1e26459 100644 --- a/roles/openshift_node/tasks/main.yml +++ b/roles/openshift_node/tasks/main.yml @@ -11,10 +11,8 @@ with_items: - role: common local_facts: - hostname: "{{ openshift_hostname | default(none) }}" - public_hostname: "{{ openshift_public_hostname | default(none) }}" - deployment_type: "{{ openshift_deployment_type }}" # TODO: Replace this with a lookup or filter plugin. + # TODO: Move this to the node role dns_ip: "{{ openshift_dns_ip | default(openshift_master_cluster_vip | default(None if openshift.common.version_gte_3_1_or_1_1 | bool else openshift_node_first_master_ip | default(None, true), true), true) }}" @@ -25,7 +23,6 @@ iptables_sync_period: "{{ openshift_node_iptables_sync_period | default(None) }}" kubelet_args: "{{ openshift_node_kubelet_args | default(None) }}" labels: "{{ lookup('oo_option', 'openshift_node_labels') | default( openshift_node_labels | default(none), true) }}" - portal_net: "{{ openshift_master_portal_net | default(None) }}" registry_url: "{{ oreg_url | default(none) }}" schedulable: "{{ openshift_schedulable | default(openshift_scheduleable) | default(None) }}" sdn_mtu: "{{ openshift_node_sdn_mtu | default(None) }}" @@ -34,6 +31,7 @@ node_image: "{{ osn_image | default(None) }}" ovs_image: "{{ osn_ovs_image | default(None) }}" proxy_mode: "{{ openshift_node_proxy_mode | default('iptables') }}" + local_quota_per_fsgroup: "{{ openshift_node_local_quota_per_fsgroup | default(None) }}" # We have to add tuned-profiles in the same transaction otherwise we run into depsolving # problems because the rpms don't pin the version properly. This was fixed in 3.1 packaging. @@ -79,12 +77,16 @@ - name: Reload systemd units command: systemctl daemon-reload - when: openshift.common.is_containerized and ( ( install_node_result | changed ) + when: openshift.common.is_containerized | bool and ( ( install_node_result | changed ) or ( install_ovs_sysconfig | changed ) ) - name: Start and enable openvswitch docker service service: name=openvswitch.service enabled=yes state=started when: openshift.common.is_containerized | bool and openshift.common.use_openshift_sdn | bool + register: ovs_start_result + +- set_fact: + ovs_service_status_changed: "{{ ovs_start_result | changed }}" # TODO: add the validate parameter when there is a validation command to run - name: Create the Node config @@ -124,7 +126,8 @@ # Using curl here since the uri module requires python-httplib2 and # wait_for port doesn't provide health information. command: > - curl -k --silent {{ openshift_node_master_api_url }}/healthz/ready + curl --silent --cacert {{ openshift.common.config_base }}/node/ca.crt + {{ openshift_node_master_api_url }}/healthz/ready register: api_available_output until: api_available_output.stdout == 'ok' retries: 120 @@ -134,7 +137,7 @@ - name: Start and enable node service: name={{ openshift.common.service_type }}-node enabled=yes state=started - register: start_result + register: node_start_result - set_fact: - node_service_status_changed: "{{ start_result | changed }}" + node_service_status_changed: "{{ node_start_result | changed }}" diff --git a/roles/openshift_node/templates/node.yaml.v1.j2 b/roles/openshift_node/templates/node.yaml.v1.j2 index 67975d372..28cb1ea26 100644 --- a/roles/openshift_node/templates/node.yaml.v1.j2 +++ b/roles/openshift_node/templates/node.yaml.v1.j2 @@ -38,3 +38,6 @@ volumeDirectory: {{ openshift.common.data_dir }}/openshift.local.volumes proxyArguments: proxy-mode: - {{ openshift.node.proxy_mode }} +volumeConfig: + localQuota: + perFSGroup: {{ openshift.node.local_quota_per_fsgroup }} diff --git a/roles/openshift_node/templates/openshift.docker.node.service b/roles/openshift_node/templates/openshift.docker.node.service index 83b697f73..65d2291bb 100644 --- a/roles/openshift_node/templates/openshift.docker.node.service +++ b/roles/openshift_node/templates/openshift.docker.node.service @@ -1,19 +1,21 @@ [Unit] -After=docker.service After={{ openshift.common.service_type }}-master.service +After=docker.service After=openvswitch.service +PartOf=docker.service +Requires=docker.service {% if openshift.common.use_openshift_sdn %} Requires=openvswitch.service {% endif %} -Requires=docker.service -PartOf=docker.service +Wants={{ openshift.common.service_type }}-master.service [Service] EnvironmentFile=/etc/sysconfig/{{ openshift.common.service_type }}-node ExecStartPre=-/usr/bin/docker rm -f {{ openshift.common.service_type }}-node -ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host -v /:/rootfs:ro -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:ro -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log {{ openshift.node.node_image }}:${IMAGE_VERSION} +ExecStart=/usr/bin/docker run --name {{ openshift.common.service_type }}-node --rm --privileged --net=host --pid=host --env-file=/etc/sysconfig/{{ openshift.common.service_type }}-node -v /:/rootfs:ro -e CONFIG_FILE=${CONFIG_FILE} -e OPTIONS=${OPTIONS} -e HOST=/rootfs -e HOST_ETC=/host-etc -v {{ openshift.common.data_dir }}:{{ openshift.common.data_dir }} -v {{ openshift.common.config_base }}/node:{{ openshift.common.config_base }}/node -v /etc/localtime:/etc/localtime:ro -v /etc/machine-id:/etc/machine-id:ro -v /run:/run -v /sys:/sys:ro -v /usr/bin/docker:/usr/bin/docker:ro -v /var/lib/docker:/var/lib/docker -v /lib/modules:/lib/modules -v /etc/origin/openvswitch:/etc/openvswitch -v /etc/origin/sdn:/etc/openshift-sdn -v /etc/systemd/system:/host-etc/systemd/system -v /var/log:/var/log -v /dev:/dev {{ openshift.node.node_image }}:${IMAGE_VERSION} ExecStartPost=/usr/bin/sleep 10 ExecStop=/usr/bin/docker stop {{ openshift.common.service_type }}-node +SyslogIdentifier={{ openshift.common.service_type }}-node Restart=always [Install] diff --git a/roles/openshift_node/templates/openvswitch.docker.service b/roles/openshift_node/templates/openvswitch.docker.service index 7af2b7431..047f66fda 100644 --- a/roles/openshift_node/templates/openvswitch.docker.service +++ b/roles/openshift_node/templates/openvswitch.docker.service @@ -9,6 +9,7 @@ ExecStartPre=-/usr/bin/docker rm -f openvswitch ExecStart=/usr/bin/docker run --name openvswitch --rm --privileged --net=host --pid=host -v /lib/modules:/lib/modules -v /run:/run -v /sys:/sys:ro -v /etc/origin/openvswitch:/etc/openvswitch {{ openshift.node.ovs_image }}:${IMAGE_VERSION} ExecStartPost=/usr/bin/sleep 5 ExecStop=/usr/bin/docker stop openvswitch +SyslogIdentifier=openvswitch Restart=always [Install] diff --git a/roles/openshift_serviceaccounts/tasks/main.yml b/roles/openshift_serviceaccounts/tasks/main.yml index f34fa7b74..5dd28d52a 100644 --- a/roles/openshift_serviceaccounts/tasks/main.yml +++ b/roles/openshift_serviceaccounts/tasks/main.yml @@ -9,7 +9,8 @@ - name: create the service account shell: > echo {{ lookup('template', '../templates/serviceaccount.j2') - | from_yaml | to_json | quote }} | {{ openshift.common.client_binary }} create -f - + | from_yaml | to_json | quote }} | {{ openshift.common.client_binary }} + -n {{ openshift_serviceaccounts_namespace }} create -f - when: item.1.rc != 0 with_together: - openshift_serviceaccounts_names diff --git a/roles/openshift_storage_nfs/tasks/main.yml b/roles/openshift_storage_nfs/tasks/main.yml index fdd7bd3f1..fe7f83cbb 100644 --- a/roles/openshift_storage_nfs/tasks/main.yml +++ b/roles/openshift_storage_nfs/tasks/main.yml @@ -1,8 +1,6 @@ --- - name: Install nfs-utils - yum: - pkg: nfs-utils - state: present + action: "{{ ansible_pkg_mgr }} name=nfs-utils state=present" - name: Configure NFS lineinfile: diff --git a/roles/os_firewall/meta/main.yml b/roles/os_firewall/meta/main.yml index 8592371e8..c93335b7b 100644 --- a/roles/os_firewall/meta/main.yml +++ b/roles/os_firewall/meta/main.yml @@ -11,4 +11,5 @@ galaxy_info: - 7 categories: - system -dependencies: [] +dependencies: +- { role: openshift_facts } diff --git a/roles/os_zabbix/vars/template_openshift_master.yml b/roles/os_zabbix/vars/template_openshift_master.yml index e36f23a2b..1f2117b2c 100644 --- a/roles/os_zabbix/vars/template_openshift_master.yml +++ b/roles/os_zabbix/vars/template_openshift_master.yml @@ -6,261 +6,314 @@ g_template_openshift_master: applications: - Openshift Master key: openshift.master.app.create + + - key: openshift.master.app.build.create + description: "check the app create with a build process" + value_type: int + applications: + - Openshift Master + + - key: openshift.master.app.create.time + description: "check the time it takes app create with a build process" + value_type: float + applications: + - Openshift Master + + - key: openshift.master.app.build.time + description: "check the time it takes app build" + value_type: float + applications: + - Openshift Master - key: openshift.master.process.count description: Shows number of master processes running - type: int + value_type: int applications: - Openshift Master - key: openshift.master.api.ping description: "Verify that the Openshift API is up (uses the cluster API URL)" - type: int + value_type: int applications: - Openshift Master - key: openshift.master.local.api.ping description: "Verify that the Openshift API is up on the host (uses the API URL as the https://127.0.0.1)" - type: int + value_type: int applications: - Openshift Master - key: openshift.master.api.healthz description: "Checks the healthz check of the master's api: https://<cluster_api_url>/healthz" - type: int + value_type: int data_type: bool applications: - Openshift Master - key: openshift.master.local.api.healthz description: "Checks the healthz check of the master's api: https://127.0.0.1/healthz" - type: int + value_type: int data_type: bool applications: - Openshift Master - key: openshift.master.user.count description: Shows number of users in a cluster - type: int + value_type: int applications: - Openshift Master - key: openshift.master.pod.running.count description: Shows number of pods running - type: int + value_type: int applications: - Openshift Master - key: openshift.master.pod.user.running.count description: Shows number of user pods running (non infrastructure pods) - type: int + value_type: int applications: - Openshift Master - key: openshift.master.pod.total.count description: Shows total number of pods (running and non running) - type: int + value_type: int applications: - Openshift Master - key: openshift.master.node.count description: Shows the total number of nodes found in the Openshift Cluster - type: int + value_type: int applications: - Openshift Master - key: openshift.project.count description: Shows number of projects on a cluster - type: int + value_type: int + applications: + - Openshift Master + + - key: openshift.master.pv.space.total + description: Shows the total space of pv + value_type: int + applications: + - Openshift Master + + - key: openshift.master.pv.space.available + description: Shows the available space of pv + value_type: int applications: - Openshift Master - key: openshift.master.pv.total.count description: Total number of Persistent Volumes in the Openshift Cluster - type: int + value_type: int applications: - Openshift Master - key: openshift.master.pv.available.count description: Total number of Available Persistent Volumes in the Openshift Cluster - type: int + value_type: int applications: - Openshift Master - key: openshift.master.pv.released.count description: Total number of Released Persistent Volumes in the Openshift Cluster - type: int + value_type: int applications: - Openshift Master - key: openshift.master.pv.bound.count description: Total number of Bound Persistent Volumes in the Openshift Cluster - type: int + value_type: int applications: - Openshift Master - key: openshift.master.pv.failed.count description: Total number of Failed Persistent Volumes in the Openshift Cluster - type: int + value_type: int applications: - Openshift Master - key: openshift.master.skydns.port.open description: State of the SkyDNS port open and listening - type: int + value_type: int applications: - Openshift Master - key: openshift.master.skydns.query description: SkyDNS can be queried or not - type: int + value_type: int applications: - Openshift Master - key: openshift.master.etcd.create.success description: Show number of successful create actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.create.fail description: Show number of failed create actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.delete.success description: Show number of successful delete actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.delete.fail description: Show number of failed delete actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.get.success description: Show number of successful get actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.get.fail description: Show number of failed get actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.set.success description: Show number of successful set actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.set.fail description: Show number of failed set actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.update.success description: Show number of successful update actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.update.fail description: Show number of failed update actions - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.watchers description: Show number of etcd watchers - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.etcd.ping description: etcd ping - type: int + value_type: int applications: - Openshift Etcd - key: openshift.master.metric.ping description: "This check verifies that the https://master/metrics check is alive and communicating properly." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.nodesnotready.count description: "This check shows how many nodes in a cluster are in NotReady state." - type: int + value_type: int applications: - Openshift Master - key: openshift.master.nodesnotschedulable.count description: "This check shows how many nodes in a cluster are not schedulable." - type: int + value_type: int applications: - Openshift Master - key: openshift.master.apiserver.latency.summary.pods.quantile.list.5 description: "Value from https://master/metrics. This is the time, in miliseconds, that 50% of the pod operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.apiserver.latency.summary.pods.quantile.list.9 description: "Value from https://master/metrics. This is the time, in miliseconds, that 90% of the pod operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.apiserver.latency.summary.pods.quantile.list.99 description: "Value from https://master/metrics. This is the time, in miliseconds, that 99% of the pod operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.apiserver.latency.summary.pods.quantile.watchlist.5 description: "Value from https://master/metrics. This is the time, in miliseconds, that 50% of the pod operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.apiserver.latency.summary.pods.quantile.watchlist.9 description: "Value from https://master/metrics. This is the time, in miliseconds, that 90% of the pod operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.apiserver.latency.summary.pods.quantile.watchlist.99 description: "Value from https://master/metrics. This is the time, in miliseconds, that 99% of the pod operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.scheduler.e2e.scheduling.latency.quantile.5 description: "Value from https://master/metrics. This is the time, in miliseconds, that 50% of the end to end scheduling operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.scheduler.e2e.scheduling.latency.quantile.9 description: "Value from https://master/metrics. This is the time, in miliseconds, that 90% of the end to end scheduling operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics - key: openshift.master.scheduler.e2e.scheduling.latency.quantile.99 description: "Value from https://master/metrics. This is the time, in miliseconds, that 99% of the end to end scheduling operations have taken to completed." - type: int + value_type: int applications: - Openshift Master Metrics + zdiscoveryrules: + - name: disc.pv + key: disc.pv + lifetime: 1 + description: "Dynamically register the Persistent Volumes" + + zitemprototypes: + - discoveryrule_key: disc.pv + name: "disc.pv.count.{#OSO_PV}" + key: "disc.pv.count[{#OSO_PV}]" + value_type: int + description: "Number of PV's of this size" + applications: + - Openshift Master + + - discoveryrule_key: disc.pv + name: "disc.pv.count.available.{#OSO_PV}" + key: "disc.pv.count.available[{#OSO_PV}]" + value_type: int + description: "Number of PV's of this size that are available" + applications: + - Openshift Master + ztriggers: - name: 'Openshift Master process not running on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.process.count.max(#3)}<1' @@ -295,6 +348,13 @@ g_template_openshift_master: - 'Openshift Master process not running on {HOST.NAME}' priority: avg + - name: 'Application creation with build has failed on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.app.build.create.last(#1)}=1 and {Template Openshift Master:openshift.master.app.build.create.last(#2)}=1' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' + priority: avg + - name: 'Application creation has failed multiple times in the last hour on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.app.create.sum(1h)}>3' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' @@ -303,6 +363,14 @@ g_template_openshift_master: description: The application create loop has failed 4 or more times in the last hour priority: avg + - name: 'Application with build creation has failed multiple times in the last 2 hour on {HOST.NAME}' + expression: '{Template Openshift Master:openshift.master.app.build.create.sum(2h)}>3' + url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/check_create_app.asciidoc' + dependencies: + - 'Openshift Master process not running on {HOST.NAME}' + description: The application create loop has failed 4 or more times in the last hour + priority: avg + - name: 'Openshift Master API health check is failing on {HOST.NAME}' expression: '{Template Openshift Master:openshift.master.api.healthz.max(#3)}<1' url: 'https://github.com/openshift/ops-sop/blob/master/V3/Alerts/openshift_master.asciidoc' diff --git a/roles/os_zabbix/vars/template_openshift_node.yml b/roles/os_zabbix/vars/template_openshift_node.yml index 66bd3a147..9f84a2cdf 100644 --- a/roles/os_zabbix/vars/template_openshift_node.yml +++ b/roles/os_zabbix/vars/template_openshift_node.yml @@ -4,37 +4,37 @@ g_template_openshift_node: zitems: - key: openshift.node.process.count description: Shows number of OpenShift Node processes running - type: int + value_type: int applications: - Openshift Node - key: openshift.node.ovs.pids.count description: Shows number of ovs process ids running - type: int + value_type: int applications: - Openshift Node - key: openshift.node.ovs.ports.count description: Shows number of OVS ports defined - type: int + value_type: int applications: - Openshift Node - key: openshift.node.ovs.stray.rules description: Number of OVS stray rules found/removed - type: int + value_type: int applications: - Openshift Node - key: openshift.node.registry-pods.healthy_pct description: Shows the percentage of healthy registries in the cluster - type: int + value_type: int applications: - Openshift Node - key: openshift.node.registry.service.ping description: Ping docker-registry service from node - type: int + value_type: int applications: - Openshift Node diff --git a/test/units/yedit_test.py b/test/units/yedit_test.py new file mode 100755 index 000000000..cdd2d2b59 --- /dev/null +++ b/test/units/yedit_test.py @@ -0,0 +1,236 @@ +#!/usr/bin/env python2 +''' + Unit tests for yedit +''' + +import unittest +import os +import yaml + +class YeditException(Exception): + ''' Exception class for Yedit ''' + pass + +class Yedit(object): + ''' Class to modify yaml files ''' + + def __init__(self, filename): + self.filename = filename + self.__yaml_dict = None + self.get() + + @property + def yaml_dict(self): + ''' get property for yaml_dict ''' + return self.__yaml_dict + + @yaml_dict.setter + def yaml_dict(self, value): + ''' setter method for yaml_dict ''' + self.__yaml_dict = value + + @staticmethod + def remove_entry(data, keys): + ''' remove an item from a dictionary with key notation a.b.c + d = {'a': {'b': 'c'}}} + keys = a.b + item = c + ''' + if "." in keys: + key, rest = keys.split(".", 1) + if key in data.keys(): + Yedit.remove_entry(data[key], rest) + else: + del data[keys] + + @staticmethod + def add_entry(data, keys, item): + ''' Add an item to a dictionary with key notation a.b.c + d = {'a': {'b': 'c'}}} + keys = a.b + item = c + ''' + if "." in keys: + key, rest = keys.split(".", 1) + if key not in data: + data[key] = {} + + if not isinstance(data, dict): + raise YeditException('Invalid add_entry called on data [%s].' % data) + else: + Yedit.add_entry(data[key], rest, item) + + else: + data[keys] = item + + + @staticmethod + def get_entry(data, keys): + ''' Get an item from a dictionary with key notation a.b.c + d = {'a': {'b': 'c'}}} + keys = a.b + return c + ''' + if keys and "." in keys: + key, rest = keys.split(".", 1) + if not isinstance(data[key], dict): + raise YeditException('Invalid get_entry called on a [%s] of type [%s].' % (data, type(data))) + + else: + return Yedit.get_entry(data[key], rest) + + else: + return data.get(keys, None) + + + def write(self): + ''' write to file ''' + with open(self.filename, 'w') as yfd: + yfd.write(yaml.dump(self.yaml_dict, default_flow_style=False)) + + def read(self): + ''' write to file ''' + # check if it exists + if not self.exists(): + return None + + contents = None + with open(self.filename) as yfd: + contents = yfd.read() + + return contents + + def exists(self): + ''' return whether file exists ''' + if os.path.exists(self.filename): + return True + + return False + def get(self): + ''' return yaml file ''' + contents = self.read() + + if not contents: + return None + + # check if it is yaml + try: + self.yaml_dict = yaml.load(contents) + except yaml.YAMLError as _: + # Error loading yaml + return None + + return self.yaml_dict + + def delete(self, key): + ''' put key, value into a yaml file ''' + try: + entry = Yedit.get_entry(self.yaml_dict, key) + except KeyError as _: + entry = None + if not entry: + return (False, self.yaml_dict) + + Yedit.remove_entry(self.yaml_dict, key) + self.write() + return (True, self.get()) + + def put(self, key, value): + ''' put key, value into a yaml file ''' + try: + entry = Yedit.get_entry(self.yaml_dict, key) + except KeyError as _: + entry = None + + if entry == value: + return (False, self.yaml_dict) + + Yedit.add_entry(self.yaml_dict, key, value) + self.write() + return (True, self.get()) + + def create(self, key, value): + ''' create the file ''' + if not self.exists(): + self.yaml_dict = {key: value} + self.write() + return (True, self.get()) + + return (False, self.get()) + + + +# Removing invalid variable names for tests so that I can +# keep them brief +# pylint: disable=invalid-name +class YeditTest(unittest.TestCase): + ''' + Test class for yedit + ''' + data = {'a': 'a', + 'b': {'c': {'d': ['e', 'f', 'g']}}, + } + + filename = 'yedit_test.yml' + + def setUp(self): + ''' setup method will create a file and set to known configuration ''' + yed = Yedit(YeditTest.filename) + yed.yaml_dict = YeditTest.data + yed.write() + + def test_get(self): + ''' Testing a get ''' + yed = Yedit('yedit_test.yml') + + self.assertEqual(yed.yaml_dict, self.data) + + def test_write(self): + ''' Testing a simple write ''' + yed = Yedit('yedit_test.yml') + yed.put('key1', 1) + yed.write() + yed.get() + self.assertTrue(yed.yaml_dict.has_key('key1')) + self.assertEqual(yed.yaml_dict['key1'], 1) + + def test_write_x_y_z(self): + '''Testing a write of multilayer key''' + yed = Yedit('yedit_test.yml') + yed.put('x.y.z', 'modified') + yed.write() + self.assertEqual(Yedit.get_entry(yed.get(), 'x.y.z'), 'modified') + + def test_delete_a(self): + '''Testing a simple delete ''' + yed = Yedit('yedit_test.yml') + yed.delete('a') + yed.write() + yed.get() + self.assertTrue(not yed.yaml_dict.has_key('a')) + + def test_delete_b_c(self): + '''Testing delete of layered key ''' + yed = Yedit('yedit_test.yml') + yed.delete('b.c') + yed.write() + yed.get() + self.assertTrue(yed.yaml_dict.has_key('b')) + self.assertFalse(yed.yaml_dict['b'].has_key('c')) + + def test_create(self): + '''Testing a create ''' + os.unlink(YeditTest.filename) + yed = Yedit('yedit_test.yml') + yed.create('foo', 'bar') + yed.write() + yed.get() + self.assertTrue(yed.yaml_dict.has_key('foo')) + self.assertTrue(yed.yaml_dict['foo'], 'bar') + + def tearDown(self): + '''TearDown method''' + os.unlink(YeditTest.filename) + +if __name__ == "__main__": + unittest.main() diff --git a/utils/src/ooinstall/openshift_ansible.py b/utils/src/ooinstall/openshift_ansible.py index 04cccf89d..2b95702bf 100644 --- a/utils/src/ooinstall/openshift_ansible.py +++ b/utils/src/ooinstall/openshift_ansible.py @@ -38,10 +38,10 @@ def generate_inventory(hosts): base_inventory.write('deployment_type={}\n'.format(ver.ansible_key)) if 'OO_INSTALL_ADDITIONAL_REGISTRIES' in os.environ: - base_inventory.write('cli_docker_additional_registries={}\n' + base_inventory.write('openshift_docker_additional_registries={}\n' .format(os.environ['OO_INSTALL_ADDITIONAL_REGISTRIES'])) if 'OO_INSTALL_INSECURE_REGISTRIES' in os.environ: - base_inventory.write('cli_docker_insecure_registries={}\n' + base_inventory.write('openshift_docker_insecure_registries={}\n' .format(os.environ['OO_INSTALL_INSECURE_REGISTRIES'])) if 'OO_INSTALL_PUDDLE_REPO' in os.environ: # We have to double the '{' here for literals |